Re: [Sidrops] Which 8210-bis error code should be used?

[Claudio Jeker <cjeker@diehard.n-r-g.com>]

On Mon, May 22, 2023 at 05:05:21AM +0000, Sriram, Kotikalapudi (Fed) wrote:
> Oliver and I have discussed the issue off-list. Requiring an artificial
> insertion of an AS 0 only VAP-SPAS for the neglected AFI for the CAS is
> not required. The verification algorithm (hop-check function in Section
> 5) inherently takes care of the neglected AFI (absent VAP-SPAS)
> situation.

I agree with this direction. I suggested a very similar change in a
previous mail.
 
> The previously proposed text change (
> https://mailarchive.ietf.org/arch/msg/sidrops/C5newCanz60yBNc6myoEZfQnMoc/
> ) is retracted.
> 
> But a slight modification of the paragraph in consideration would be
> good as follows:
> 
> 
> OLD text:
> 
> 
>    If, despite the above recommendations, the ASPA(s) of a CAS includes
>    SPAS for one AFI but not for the other AFI (not even an AS 0), the
>    ASPA SHALL NOT be rejected just for that reason.  However, such an
>    ASPA(s) will be presumed to imply that the CAS has no providers
>    (equivalent to AS 0 SPAS) for the AFI that they neglected to include.
> 
> 
> 
> NEW text:
> 
> 
>    If, despite the above recommendations, the ASPA(s) of a CAS includes
>    SPAS for one AFI but not for the other AFI (not even an AS 0), then
>    for AS_PATH verification purposes, the CAS is considered to have no
>    providers (i.e., absent VAP-SPAS) for the neglected AFI (see the hop-
>    check function computation in Section 5).  (Note: Artificial
>    insertion of an AS 0 only VAP-SPAS for the neglected AFI for the CAS
>    is not required.)

I think one should just remove this section and offload all of this into
Section 5. Especially the added Note: does not help at all and is just
confusing for a reader of the draft/RFC who does not know the backstory.
We need to write this for people not knowing all the discussions we had.
 
> The hop-check function is slightly tweaked as follows:
> 
>                              /
>                              | "No Attestation" if there is no entry
>                              |   in VAP-SPAS table for CAS = AS(i)
>                              |
>    hop(AS(i), AS(j), AFI) =  / Else, "Provider+" if a VAP-SPAS entry for
>                              \   CAS = AS(i) for the mentioned AFI
>                              |   is present and includes AS(j)
>                              |
>                              | Else, "Not Provider+"
>                              \
> 
> 
> This is basically the same function definition as before but makes it
> clearer that since VAP-SPAS is absent for the neglected AFI, there would
> be no match in the VAP-SPAS for AS(j) and hence the outcome for that AFI
> would be "Not Provider+".

While already better I prefer if in the "No Attestation" case a clear
statement that this applies to all possible AFI values.
A possible option is:
                             | "No Attestation" if there is no entry
                             |   in VAP-SPAS table for CAS = AS(i)
                             |   independent of the AFI value

I really prefer the definition of the hop-check function to be explicit 
to avoid any possible misinterpretation.

-- 
:wq Claudio