Minutes IETF106: idr
minutes-106-idr-00

IDR meeting at IETF 106 (version 1)

Session I:  Monday,  18:10-19:10,  11/18/2019

Room: Collyer

0. Agenda bashing and Chair's slides (12 mins)

Start Time: 18:10

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-note-well
Presenter: John

- Note Well
- John talks about FlowSpec extensions. Lot of flowspec related draft continue
to come in every meeting.Flowspec components types are <type, value> pairs.
Parsers cannot skip unknown components types. Not good for extensibility. - One
way for extension is define new SAFI, but it is one-shot and cannot be extended
later. Propose not to define new component types in existing flowspec AFI/SAFI.
Should move forward with solution like Flowspecv2 draft or something similar,
which uses TLVs for components.

?(Akamai): Makes sense to Fix TLV oversight, which method doesn't matter.
Jeff Haas:  PCEP picked rformat. Flowspec v2 also try to define firewall rule
ordering. Flowspecs v2 should be taken further (rediscuss as it has been long
enough). Igor Gashinsky(Verizon Media): Cannot extend flowspecs as it will make
router failover. Let's fix it. John: Looks like consensus in room. Position of
chair going forward is that you can discuss extension drafts but we want to
prioritize groups time on getting TLV thing done, so that we can rollout
extension drafts. Sue: As coauthor of flowspecV2, we should fix TLV problems.
Suggestions are open on this. Will send out proposals on mailimg list.

1. BGP Flowspec for L2VPN and Tunnels [Donald Eastlake] (10 mins)
  https://tools.ietf.org/html/draft-ietf-idr-flowspec-l2vpn/
  https://tools.ietf.org/html/draft-ietf-idr-flowspec-nvo3/

Start Time: 18:20

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessb-bgp-flowspec-for-l2vpn-and-tunnels
Presenter: Donald

Discussion:
Sue: Purpose is to see if its ready for early code points, Implementation and
feedback on the same. Jeff: Good idea to have a new pair of AFI/SAFI, using
existing AFI/SAFI will break rules. Donald: New SAFI needs to be specified.
Jeff: Existing AFI/SAFI usage will not work. John: as a WG member, fine with
using existing SAFI. Sue: Quick experimentation going into this draft... Give
code points even if we are fixing v2. John: Flowspec over new AFI/SAFI is fine,
No impairment moving with this draft. Jeff: Combination of AFI/SAFI is
important, SAFI registry 241 is reserved for private use and can be used.

2. BGP YANG Model for Service Provider Networks [Mahesh Jethanandani] (10 mins)
  https://tools.ietf.org/html/draft-ietf-idr-bgp-model/

Start Time: 18:32

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessb-bgp-yang-model
Presenter: Mahesh

Discussion:
Jeff: Do we differentiate internal and External confederations
Randy: You could have internal-conferations and external-confederations.
Jeff: We have two options in the model, please take a look and see which one
makes sense. Stephane: Here we are talking about operational state or
configuration state? Jeff: This is for operational state. Rudiger Volk: A
router support YANG models should support 4-byte ASes. Ruediger: Are we
expecting Yang modelling is going to happen on Routers not with 4byte AS Acee:
I don't think you're gonna find somebody implementing the yang model that
doesn't support 4-byte AS. How many implementations are on Yang Model Jeff: For
4-Byte AS its supporting RFC 4398 Sue: Acee is this a work for you? Keychain
model... Acee: We have everything you need... key rollover exists... CLI
version have been there since long, not yang model. Donald: Is key rollover RFC
4808? Acee: Need to check on this. Jeff: If model supported by Acee yang model
support then this will be supported by inheritance Stephane: TCP AO? Acee:
IPsec is not for TCP. Acee: For IPsec - need to define. Jeff: BGP Confed is
supported by some implementations Acee: We looked into TCP OA model while doing
yang model. Sue: Implementations exists... can these things get standard. Put
together description, separate draft... Acee: For IGP model, draw a line and no
more feature after that. Features needs to come in augmentation. Part of base
model but lack ref. Haibo Wang: How to support multiple BGP instances? Sue:
Excellent question, but think it will not be covered in this model. Jeff: NMDA
model will give some info being looked for. Alvaro: Will you document these
feature somewhere? Sue: Some documentation is needed. Break doc into multiple
docs. Alvaro: Document these features. Some info can be put into draft. Acee:
Some info can be put in description in yang model, does not apply for
everything. John: In interest of time, we need to cut short here. We can
continue later.

3. BGP Extensions for IDs Allocation [Huaimo Chen] (5 mins)
  https://tools.ietf.org/html/draft-wu-idr-bgp-segment-allocation-ext/

Start Time : 18:49

Slides :
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessb-bgp-extensions-for-ids-allocation
Presenter: Huaimo

Discussion:
- Request for adoption
- No questions asked/discussed.

4. BGP Flow Specification for SRv6 [Huaimo Chen] (5 mins)
  https://tools.ietf.org/html/draft-li-idr-flowspec-srv6/

Start Time : 18:52

Slides :
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessb-bgp-flow-specification-for-srv6
Presenter: Huaimo

Discussion:
Sue: Does Flowspec for SRv6 need to harmonize with regular IPv6?
Huaimo: We extend this to multiple domains inside SRH.
Sue: How is SRv6 working coming?
Acee: Is there a requirement or framework for this? Draft for every encap.
Sue: Additional request for flowspec comes... Original def of Flowspec was a
targeted audience/request... How is it in deployment? Talk about implementation
Acee: Header doc is done... Keyur: Suggest to use flowspecv2 and single SAFI to
support different TLVs. Avoid SAFI explosion Jeff: Flowspecs filter getting
used for 2 big cases - ddos(firewall) and traffic engineering purpose.

5. SR Path Ingress Protection [Huaimo Chen] (5 mins)
  https://tools.ietf.org/html/draft-chen-idr-sr-ingress-protection/

Start Time : 18:58

Slides :
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessb-sr-path-ingress-protection
Presenter: Huaimo

Discussion:
Sue:  Where are spring policies being used for? Call for operators input on the
new features. Andrew: Liquid telecom is using SR policies. Like using SR policy
to route traffic. A simpler way maybe to send separate paths to the nodes and
use community. Sue: Request for similar comments.

6. Revised BGP Maximum Prefix Limits [Job Snijders] (10 mins)
  https://tools.ietf.org/html/draft-sa-idr-maxprefix/

Start Time : 19:02

Slides :
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessb-revised-bgp-maximum-prefix-limits
Presenter: Job Snijders

Discussion:
John: Make your points on mailing list and discuss.

Session Ends here : 19:15

Thanks.

[3 minutes for switching]

----------------------------------------------------------------------------------------------------------------------

Session II:  Thursday,  17:40-18:40,  11/21/2019

Room: Olivia

0. Agenda bashing (2 mins)

Start time: 17:40

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-note-well
        https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-auto-discovery-design-team-chairs
Presenter: John

Discussion:
John talks about auto discovery.
John: We did not have clear conclusion last time we discussed. Drafts are very
close in semantics. Acee: All drafts have copied mine (joke). John: This is
time to get design team to get together and come up with one unified design by
next IETF. Design team to be put together in 2weeks. Randy: Conclude by next
IETF? Its unrealistic goal to conclude by next IETF. John: Point is well taken.
John: Design team is not long term. Susan: There will be open meetings on
webex, anyone can participate.

1. BGP Provisioned IPsec Tunnel Configuration [Jun Hu] (10 mins)
   https://tools.ietf.org/html/draft-hujun-idr-bgp-ipsec/
   https://tools.ietf.org/html/draft-hujun-idr-bgp-ipsec-transport-mode/

Start time: 17:46

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-bgp-provisioned-ipsec-tunnel-configuration
Presenter: Hu Jun

Discussion:
Stephen: With these two drafts is chair planning to obsolete 6566?
Sue: I think they are different, I need to check on how much is overlap. I will
need opinion John: Does anyone have reason why we should not obsolete 6566
Linda: How do we extend BGP updates? We are going through untrusted domain
here. Hu: This is just a control plane protocol, there are mechanism like
outbound-filters which can be used. Linda: Is this info encrypted. You propose
sub-tlv¡¯s which can be encoded in nexthop? Hu: That is already included in
draft. Jeff: Everything in tunnel attribute has security concern. Jeff: For
SRv6 will may go through internet, the security consideration may change a
little bit. Sue: I need more info to take decision on this draft. Sue: Do you
feel this draft address all security end points? This will help take a call on
working group adoption. Hu: mailing list has answer. Jeff: Work is worth to be
working on but taking care of security is challenging

2. SDWAN WAN Ports Property Advertisement in BGP UPDATE [Linda Dunbar] (10 mins)
  https://tools.ietf.org/html/draft-dunbar-idr-sdwan-port-safi/

Start time: 18:01

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-sdwan-wan-ports-property-advertisement-in-bgp-update
Presenter: Linda Dunbar

Discussion:
John£ºDoes it mean you want to ship it or make it for demo? This looks like
standard track. Acee: Think this is a standard track. John: To demonstrate how
BGP is used? Do you want to try this as demo or ship? Linda: Its for shipping.
John: Do you think its worth solution Linda: Yes John: FCFS cannot ask as
standard, is it correct? Linda: Other content can be merged together. Acee:
Read the document¡­ thought standard is correct.

3. Deprecation of AS_SET and AS_CONFED_SET in BGP [Sriram Kotikalapudi] (10
mins)
  https://tools.ietf.org/html/draft-ietf-idr-deprecate-as-set-confed-set/

Start time: 18:12

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-deprecation-of-as-set-and-as-confed-set-in-bgp
Presenter: Sriram, Jeff Haas

Discussion:
Sue: There is some desire to see RFC 4276¡­ This might not be problem you are
thinking. Idea is to document what is existing and not to do new feature. Jeff:
No new code is needed to do correct thing here¡­ implementation take care of
this. Policy can be added to match and drop prefix. RPKI filtering is becoming
more common. Warren: It is a huge job to put RFC 4271 into full standard.
Jared: Thanks for finding AS¡¯s. We want to clear or drop these there should be
some soft knob to allow to drop. God: Removing RFC is a huge job Sue: This
needs to happen soon or later Igor: This is good and needs to be done. Can you
give people a knob as a workaround? ¨C Default way to doing aggregation. Knob
will be very helpful Ruediger: Should consider to clear up the 2 byte ASes.
Ruediger: Deprecating some artifacts we should also consider cleanup 2 Byte AS,
as far as possible.

4. Advertising Segment Routing Policies in BGP [Ketan Talaulikar] (5 mins)
  https://tools.ietf.org/html/draft-ietf-idr-segment-routing-te-policy/

Start time: 18:29

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-advertising-segment-routing-policies-in-bgp
Presenter: Ketan

Discussion:
No questions, time running short

5. Application Specific Attributes Advertisement with BGP Link-State [Ketan
Talaulikar] (5 mins)
  https://tools.ietf.org/html/draft-ietf-idr-bgp-ls-app-specific-attr/

Start time: 18:30

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-advertising-segment-routing-policies-in-bgp
Presenter: Ketan

Discussion:
Susan: Does this document should be a stand-alone document?
Acee: Think so, the IGP drafts move faster. There are 2 docs in queue for
review.

6. BGP Flexible Color-Based Tunnel Selection [Yimin Shen] (10 mins)
  https://tools.ietf.org/html/draft-shen-idr-flexible-color-tunnel-selection/

Start time:18:32

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-bgp-flexible-color-based-tunnel-selection
Presenter: Yimin Shen

Discussion:
Sue: Have you shown this to spring folks? It¡¯s worth discussing.
Yimin: we have not
Sue: Can you compare it with the use of Tunnel Encap attribute for color in
Jun¡¯s draft other than the IPsec part? Yimin: Tunnel encap path attribute
applies to prefix tunnels are built upon¡­ John: Please take this offline.

7. Destination-IP-Origin-AS Filter for BGP Flow Specification [Haibo Wang] (5
mins)
  https://tools.ietf.org/html/draft-wang-idr-flowspec-dip-origin-as-filter/

Start time: 18:41

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-destination-ip-origin-as-filter-for-bgp-flow-specification
Presenter: Wang Haibo

Discussion:
Jeff: Review comments on mailing list stand .pay attention¡­ Flowspec operates
as firewall rules, here crosses the boundary between firewall and RIB. Acee: I
agree to Jeff. Have concern about putting all BGP attributes to FIB. Jeff: AS
number and other BGP attributes are never in FIB. It is not a good idea. Aijun
Wang: Maybe just consider the AS number for flexible traffic steering. Jie: You
need to advertise only one rule from the server, how it is installed in device
is implementation specific. Can be expanded to several rules, or just one.

8. Color Operation with BGP Label Unicast [Louis Chan] (5 mins if time permits)
  https://tools.ietf.org/html/draft-chan-idr-bgp-lu2/

Start time: NA (Follow on mailing list)

Slides:
https://datatracker.ietf.org/meeting/106/materials/slides-106-idr-sessa-color-operation-with-bgp-lu
John: To be followed on mailing list, time is up... cannot be accommodated.

End Time: 18:46

Session ends here @ 18:46

Thanks.