Jorge,
> On Jun 24, 2024, at 8:04 AM, Jorge Rabadan (Nokia) <[email protected]> > wrote: >> I understand that for this D-PATH feature that the providers should be >> "mutually cooperating" and thus this may be a trivial or even silly concern. >> But if it ever becomes competing providers, this becomes a conversation >> about money. >> > [jorge] ok, I think ask the chairs for 5 minutes at IETF120 to discuss this > and bring awareness. For the moment we can leave it as is, since there are > implementations doing this. Thanks for the discussion. I'll try to be available for that discussion. However, as usual, bess has conflicts with other work of interest for me. >> It'd be helpful if you did. I'm glad I came to the appropriate conclusion >> as a semi-informed reader, but for these sorts of steps having the algorithm >> explicitly written out can remove doubt. > > [jorge] hopefully the text makes it better now: > > “Then routes with the numerically lowest left-most Domain-ID are preferred > (only the Domain-ID is compared, and not the ISF_SAFI_TYPE). Hence, routes > not tied for the numerically lowest left-most Domain-ID are removed from > consideration. When comparing two Domain-IDs, the two six byte values are > compared starting with the Global Admin field. The lowest value in the first > differing byte between the two six byte values, is considered to belong to > the "numerically lowest Domain-ID"” This works. >> Some explicit text would be appreciated. While escape isn't expected, we're >> partially having some of this review because escape has been observed from >> existing implementations. > > [jorge] OK, added some text in the security considerations section, and also > in section 4. We can always improve it at a later version. Part of the additional text you've added is this: "As an additional security mechanism, a PE following this specification that receives an EVPN route from a non-upgraded PE should discard the route via policy if the route contains the D-PATH attribute." How do you tell if the PE is "non-upgraded"? Note that such considerations were part of the reason I urged the dpath authors towards a BGP capability. :-) -- Jeff
_______________________________________________ BESS mailing list -- [email protected] To unsubscribe send an email to [email protected]
