Re: [Sidrops] John Scudder's Discuss on draft-ietf-sidrops-rov-no-rr-05: (with DISCUSS and COMMENT)

John Scudder <jgs@juniper.net> Wed, 24 August 2022 21:06 UTC

From: John Scudder <jgs@juniper.net>
To: EXT - randy <randy@psg.com>
CC: John Scudder via Datatracker <noreply@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-sidrops-rov-no-rr@ietf.org" <draft-ietf-sidrops-rov-no-rr@ietf.org>, SIDR Operations WG <sidrops@ietf.org>
Date: Wed, 24 Aug 2022 21:06:35 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/ogVvuinMnQHHDNaEPwB4PXrYx4U>

LGTM. Thanks!

—John

> On Aug 24, 2022, at 5:01 PM, Randy Bush <randy@psg.com> wrote:
> 
> thanks john,
> 
> how about a more logical ordering and a slight rewording?
> 
> 4.  Keeping Partial Adj-RIB-In Data
> 
>   If new RPKI data arrive which cause operator policy to invalidate the
>   best route, and the BGP speaker did not keep the dropped routes, then
>   it would issue a route refresh, which this feature aims to prevent.
> 
>   A route that is dropped by operator policy due to ROV is, by nature,
>   considered ineligible to compete for best route, and MUST be kept in
>   the Adj-RIB-In for potential future evaluation.
> 
>   Ameliorating the Route Refresh problem by keeping a full Adj-RIB-In
>   can be a problem for resource constrained BGP speakers.  In reality,
>   only some data need be retained.  If an implementation chooses not to
>   retain the full Adj-RIB-In, it MUST retain at least routes dropped
>   due to ROV, for potential future evaluation.
> 
>   As storing these routes could cause problems in resource constrained
>   devices, there MUST be a global operation, CLI, YANG, etc. allowing
>   the operator to enable this feature, storing the dropped routes.
>   Such a control MUST NOT be per peer, as this could cause inconsistent
>   behavior.
> 
>   As a side note: policy which may drop routes due to RPKI-based checks
>   such as ROV (and ASPA, BGPsec [RFC8205], etc. in the future) MUST be
>   run, and the dropped routes saved per this section, before non-RPKI
>   policies are run, as the latter may change path attributes.
> 
> randy
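
The retention behaviour in the proposed Section 4 text quoted above, as an added Python sketch that is not part of this message, the draft, or any BGP implementation: routes dropped by ROV are kept aside so that new RPKI data can be re-evaluated locally instead of triggering a route refresh. `Speaker`, `keep_dropped`, `demo` and the peer names are hypothetical, the prefix and AS numbers are documentation values, and best-path selection and non-RPKI policy are not modelled.

```python
import ipaddress
from dataclasses import dataclass, field

def rov_state(prefix, origin, vrps):
    """RFC 6811 origin validation against (prefix, max_len, asn) VRPs."""
    net, covered = ipaddress.ip_network(prefix), False
    for vrp_prefix, max_len, asn in vrps:
        vnet = ipaddress.ip_network(vrp_prefix)
        if net.version == vnet.version and net.subnet_of(vnet):
            covered = True
            if asn == origin and net.prefixlen <= max_len:
                return "valid"
    return "invalid" if covered else "notfound"

@dataclass
class Speaker:
    keep_dropped: bool                              # global knob, never per peer
    vrps: set = field(default_factory=set)
    eligible: dict = field(default_factory=dict)    # (peer, prefix) -> origin AS
    dropped: dict = field(default_factory=dict)     # ROV-dropped routes, retained
    refreshes_sent: int = 0

    def receive(self, peer, prefix, origin):
        """Run ROV first; an invalid route is kept aside, not discarded."""
        key = (peer, prefix)
        self.eligible.pop(key, None)
        self.dropped.pop(key, None)
        if rov_state(prefix, origin, self.vrps) != "invalid":
            self.eligible[key] = origin
        elif self.keep_dropped:
            self.dropped[key] = origin

    def update_vrps(self, vrps):
        """New RPKI data arrived: re-evaluate every stored route locally."""
        self.vrps = set(vrps)
        stored = {**self.eligible, **self.dropped}
        for (peer, prefix), origin in stored.items():
            self.receive(peer, prefix, origin)
        # Simplification: a route went invalid and nothing ROV-dropped was
        # retained, so the alternatives can only come back via route refresh.
        if len(self.eligible) + len(self.dropped) < len(stored):
            self.refreshes_sent += 1

def demo(keep_dropped):
    s = Speaker(keep_dropped, vrps={("192.0.2.0/24", 24, 64500)})
    s.receive("peerA", "192.0.2.0/24", 64500)       # valid, eligible
    s.receive("peerB", "192.0.2.0/24", 64501)       # invalid, dropped by ROV
    s.update_vrps({("192.0.2.0/24", 24, 64501)})    # ROA now names AS 64501
    return sorted(p for p, _ in s.eligible), s.refreshes_sent
```

With retention enabled, peerB's previously dropped route becomes eligible without any message to the peers; with it disabled, the speaker is left with no route and has to request a refresh.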