Hi Ben, Thanks for your review.
An update to the draft with to address some of yours, John's and Eric's comments has just been posted : https://datatracker.ietf.org/doc/html/draft-ietf-lsr-ospf-prefix-originator-11 Please check inline below for responses. -----Original Message----- From: Lsr <[email protected]> On Behalf Of Benjamin Kaduk via Datatracker Sent: 07 April 2021 11:38 To: The IESG <[email protected]> Cc: [email protected]; [email protected]; [email protected]; [email protected]; [email protected] Subject: [Lsr] Benjamin Kaduk's No Objection on draft-ietf-lsr-ospf-prefix-originator-10: (with COMMENT) Benjamin Kaduk has entered the following ballot position for draft-ietf-lsr-ospf-prefix-originator-10: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-lsr-ospf-prefix-originator/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- In the ECMP case is there a way to correlate (order of appearance?) the listed router-IDs with the listed reachable addresses? [KT] No. Are there cases where you might choose to only advertise one but not the other of the prefix source Router-ID and address? [KT] Normally no. However, there is some text in Sec 5 about policies that may be employed to abstract/hide information (e.g. across areas/ASes) - such mechanisms may be used, as necessary, in a deployment. Section 2.1 The parent TLV of a prefix advertisement MAY include more than one Prefix Source OSPF Router-ID sub-TLV, one corresponding to each of the Equal-Cost Multi-Path (ECMP) nodes that originated the given prefix. Is there any subtlety (or complexity, I guess) to how the advertising node knows about the other ECMP nodes advertising the same prefix? [KT] An ABR performs the inter-area prefix advertisements based on its local route computation (i.e. the sources contributing to its local intra-area route). It is not affected by the advertisement of the same prefix by another "peer/pair" ABR. I hope I've got your question right though. For example, would there be some transient discovery stage when first setting up the ECMP advertisement and only a subset of the ECMP nodes are actually listed in some advertisements that go out? [KT] Taking the scenario of the previous response, the inclusion of ECMP origin node information would depend on how the ABR router receives the intra-area prefix advertisements via LSAs from the nodes owning that prefix, how they get processed by the SPF computation and then how they get included in the inter-area route advertisements that the ABR generates. There are various timers and scheduling mechanisms in the protocol for each of these steps - but I would not call these timers/back-off mechanisms as "discovery". Section 3 another non-backbone area. The ABR performs its prefix calculation to determine the set of nodes that contribute to the best prefix reachability. It MUST use the prefix originator information only from this set of nodes. The ABR MUST NOT include the Prefix Source OSPF Router-ID or the Prefix Source Router Address Sub-TLVs when it is unable to determine the information of the best originating node. I feel like this text might be hiding some subtlety as to the nature of determining the "nodes that contribute to the best prefix reachability" -- is this a concept that is well established in the core OSPF RFCs already (and thus doesn't need further explanation)? [KT] Yes, it is a well-established part of the OSPF protocol/implementations. Section 4 We often consider privacy considerations as part of the security considerations section. Since routers are to some extent inherently "well known", they themselves may not have much privacy considerations but there may be something to say about propagating additional information about the internal structure of a given network. My understanding is that OSPF areas are all under a common administrative domain, so this mostly only seems relevant to the case of AS-external advertisement. One potential consideration would be if there is value in hiding that a set of prefixes are all advertised by the same router (the "linkability" of the prefixes, if you well). (Hmm, I guess this is somewhat related to the existing operational considerations discussion, but not entirely equivalent.) [KT] Yes, it is related. Hence the text in Sec 5 to cover the scenarios where there may be a desire to hide/abstract a set of prefixes' origin info while allowing for other prefixes. If we go into more detail on potential use cases, we might accordingly be able to go into more detail on the consequences of a rouge node injecting incorrect prefix source information. [KT] We are focusing on the OSPF protocol specification here. The details of the use-cases are beyond the scope of this document. Section 5 protocol. Based on deployment design and requirements, a subset of prefixes may be identified for which the propagation of the originating node information across area boundaries is disabled at the ABRs. Per my previous comment, is this even more important at ASBRs than ABRs? [KT] Ack. I will update this in the text. NITS Section 1 The identification of the originating router for a prefix in OSPF varies by the type of the prefix and is currently not always possible. [...] (nit) my intuition is suggesting that the intent is that the "procedures for identification" vary and are not always possible; is that correct? (It seems to me that "the identification of the originating router varies by the type of prefix" would indicate that the actual identifier used for even the same advertising router will be different for the different type of prefix being advertised, which doesn't seem to be what the subsequent discussion describes.) [KT] The procedures are actually described in the further sentences of the paragraph. It also explains the cases where this is not possible. address for the router. The IPv4/IPv6 Router Address as defined in [RFC3630] and [RFC5329] for OSPFv2 and OSPFv3 respectively provide an address to reach that router. (nit) Is it useful to indicate that these are TLVs, here? [KT] The IPv4/IPv6 Router Address is in fact the name of the TLVs in the referenced drafts. the core OSPF route computation functionality. They provide useful information for topology analysis and traffic engineering, especially on a controller when this information is advertised as an attribute of the prefixes via mechanisms such as Border Gateway Protocol Link- State (BGP-LS) [RFC7752] [I-D.ietf-idr-bgp-ls-segment-routing-ext]. The draft-ietf-idr-bgp-ls-segment-routing-ext reference seems rather unmotivated by the current prose leading up to it. [KT] It is an informational reference that explains how the information is provided to an external controller or application via BGP-LS. Per John's Discuss some further exposition on the expected use case might help. [KT] As mentioned in my response to John's Discuss, the further detailed discussion on use cases are beyond the scope of this document. Thanks, Ketan _______________________________________________ Lsr mailing list [email protected] https://www.ietf.org/mailman/listinfo/lsr _______________________________________________ Lsr mailing list [email protected] https://www.ietf.org/mailman/listinfo/lsr
