[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]

To: Rob Shakir <rjs at eng.gxn.net>
Subject: Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
From: Enke Chen <enkechen at cisco.com>
Date: Mon, 26 Jan 2009 15:15:20 -0800
Authentication-results: sj-dkim-1; header.From=enkechen at cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
Cc: idr <idr at ietf.org>, quaizar.vohra at gmail.com
Delivered-to: ietfarch-idr-web-archive at core3.amsl.com
Delivered-to: idr at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=5747; t=1233011721; x=1233875721; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=enkechen at cisco.com; z=From:=20Enke=20Chen=20<enkechen at cisco.com> |Subject:=20Re=3A=20[Idr]=20[Fwd=3A=20I-D=20Action=3Adraft- chen-rfc4893bis-00.txt] |Sender:=20; bh=zRrvT1uMNtshoYcX14k8if9eSYQP7WCnWWAkLEEQSJU=; b=tkg4UFzGma9T5vnQJp+CzvEGH1p6pNpsvj3B/MUAo1R/e/TbjGTXcQiDRi vaZyHZ0LogdVDFOHyXqGr/+gU5YpfZbPGC8CQf3DLyFeQZxYBnuRH9bXCA04 vEB2Xon6LqSi/glDG8LQL6O0Et4pim83/n08ZHlh8PHhbgTp7fmbU=;
In-reply-to: <20090126184849.GA23929 at bronze.eng.gxn.net>
List-archive: <http://www.ietf.org/pipermail/idr>
List-help: <mailto:idr-request@ietf.org?subject=help>
List-id: Inter-Domain Routing <idr.ietf.org>
List-post: <mailto:idr@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
References: <497B85CC.4010302 at cisco.com> <20090126184849.GA23929 at bronze.eng.gxn.net>
Sender: idr-bounces at ietf.org
User-agent: Thunderbird 2.0.0.19 (X11/20081209)

Hi, Rob:

Please see my comments inlined.

Rob Shakir wrote:

On Sat, Jan 24, 2009 at 01:19:08PM -0800, Enke Chen wrote:

3. Protocol Extensions

A NEW BGP speaker SHOULD NOT send these path segment
types in the AS4_PATH attribute of an UPDATE message.  A NEW BGP
speaker that receives these path segment types in the AS4_PATH
attribute of an UPDATE message MUST discard these path segments,
adjust the relevant attribute fields accordingly, and continue
processing the UPDATE message.


Enke,

Thanks for following up on this matter.

I appreciate that stripping the confederation data from AS4_PATH does deal with
the problem of a neighbour resetting sessions due to an invalid optional
transitive attribute, I am not entirely convinced that it is the best way to
handle invalid data in AS4_PATH.

I understand from the current RFC that if we have a broken set of paths where
the AS4_PATH contains a conferation sequence, but this information has been
stripped from the AS_PATH and replaced with the confederation identifier, then
we will retain loop-prevention (due to the fact that the confed ID will be one
of the AS numbers that is prepended to the AS_PATH during AS4_PATH-AS_PATH
reconciliation).  Hence, by not discarding the update, and merely stripping the
invalid data then we do keep the required underlying functionality.

However, this does introduce some complexity into the implementation of this
standard, we must ensure to strip the correct elements from the AS4_PATH. Whilst
this should not be a matter of great importance - some implementors do not
produce standards-compliant behaviour (see the cause of the session resets that
we observed when connecting to the global table). I am interested to hear
whether you envisage problems being caused by incorrect data being stripped from
the AS4_PATH and hence result in routing information (which was present) being
lost? One possibility of this would be in AS_SET and AS_SEQUENCE being stripped
from the AS4_PATH (a feasible bug in an implementation of this new behaviour).

Stripping the confed path segments is pretty straightforward. IMO animplementation that can deal with the merge of AS_PATH and AS4_PATHshould have no difficult in implementing the stripping.

The other concern that I have is that if some BGP neighbour does not implement
the standard correctly, to what extent can the routing information produced by
and propagated through this neighbour be trusted? One of the advantages of the
approach that we suggested on the IDR list, in my eyes, was the fact that when
routing information is 'corrupted' by the insertion of invalid data into an
attribute, the receiver chooses to not use this routing data.  Operationally, I
feel that this behaviour is advantageous, since those paths that contain
incorrect information have a penalty placed against them.

This seems to be a perfect case to follow the time-tested principle "Beliberal in what you accept". It is a recoverable, non-fatal error.There is no need to use any disruptive procedures.

6. Error Handling

When a NEW BGP speaker encounters an error (other than the invalid
confederation path segment types described previously) in parsing the
AS4_PATH attribute or the AS4_AGGREGATOR attribute of an UPDATE
message, the speaker MUST discard the attribute in error, and
continue processing the UPDATE message. The error SHOULD be logged
locally for analysis.


I appreciate this addition. Given this error, and the possibility for further
problems, there is definitely a requirement for a well defined method of dealing
with errors during the transition to 4-byte AS numbers, where these optional
transitive elements have the possibility to propagate far from the source
without any validation.


Thanks.  That is exactly the objective of the new section.

I would be very interested in your comments as to why it is felt that stripping
the invalid elements from the AS4_PATH attribute is a better solution than the
alternative we proposed to the IDR list last week.

Here is an excerpt of your proposal posted to the IDR mailing list lastweek:


-----------------------------------

There are two cases to consider when an invalid AS4_PATH is received:

(1) A path to the prefix is not already known from that neighbour.(2) A path to the prefix has already been learnt from that neighbour;In case (1) we recommend that the BGP speaker should discard the UPDATE and log

the fact. The log entry should include the received AS_PATH and
AS4_PATH to aid in debugging.

In case (2) we recommend that the BGP speaker should treat the UPDATE as a
withdrawal of existing path to the prefix. As per case (1) a log entry should be
raised to indicate that this has occurred.

------------------------------------

The proposal for (1) is incorrect from the protocol aspect. As BGPupdate is incremental, we can not just hold on to the old info anddiscard the new info.

The proposal for (2) is ok from the *pure* protocol aspect, but it wouldcause unnecessary disruption (i.e., loss of connectivity) for thisrecoverable, non-fatal error.


Thanks.   -- Enke

Kind regards,
Rob

--
Rob Shakir                      <rjs at eng.gxn.net>
Network Development Engineer    GX Networks/Vialtus Solutions
ddi: +44208 587 6077            mob: +44797 155 4098
pgp: 0xc07e6deb                 nic-hdl: RJS-RIPE

This email is subject to: http//www.vialtus.com/disclaimer.html


_______________________________________________
Idr mailing list
Idr at ietf.org
https://www.ietf.org/mailman/listinfo/idr

Follow-Ups:
- Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
  - From: Rob Shakir

References:
- [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
  - From: Enke Chen
- Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
  - From: Rob Shakir

Prev by Date: [Idr] I-D Action:draft-ietf-idr-as4octet-extcomm-generic-subtype-00.txt
Next by Date: Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
Previous by thread: Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
Next by thread: Re: [Idr] [Fwd: I-D Action:draft-chen-rfc4893bis-00.txt]
Index(es):
- Date
- Thread