[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Last Call: Ingress Filtering for Multihomed Networks to BCP

To: Fred Baker <fred@cisco.com>
Subject: Re: Last Call: Ingress Filtering for Multihomed Networks to BCP
From: Daniel Senie <dts@senie.com>
Date: Mon, 14 Jul 2003 10:17:00 -0400
Date: Tue, 15 Jul 2003 07:18:58 +0000
Cc: iesg@ietf.org, psavola@funet.fi
In-reply-to: <5.2.0.9.2.20030714155432.0554ba00@mira-sjc5-b.cisco.com>
References: <5.2.1.1.2.20030714093011.02d0b550@mail.amaranth.net><200307092316.TAA28501@ietf.org>

At 09:58 AM 7/14/2003, you wrote:

At 09:46 AM 7/14/2003 -0400, Daniel Senie wrote:
While this proposed update deals with operational issues, failing to discuss the possibility of RIB-based RPF

just checking. The RIB, in my parlance, contains the information that neighboring routers have sent to me; of that, I take a subset and build a FIB.

The RIB is the totality of routing information in the router. The FIB is the present best-path route information. Given inclusion of all routing information from neighbors (from your text below), I'd suggest what I am looking for is an interpreted version of the RIB. This may well be an implementation issue as well, in that the contents of the RIB could be filtered against policy at time of receipt rather than expending resources to store the information.

If something is not in my FIB, it is because someone wrote a policy that says I should not use it or should select other information as a matter of preference. If the policy is that I should not select or should not use certain information for routing, why would I use it for validation?

In referring to the RIB, I was (am) referring to the totality of POSSIBLE, PERMITTED routes, not just the optimal routes, and NOT the routes excluded by policy. Many routers do not store secondary, higher-cost routes in the FIB. They instead generate a new FIB in the event an interface goes down or other event alerts them to recalculate (neighbor reset, etc.). As such, the FIB may contain only the presently-selected path to a destination. My concern in regards to RPF is to have it check against all possible (permitted) routes to a destination, not just the one optimal route. The "Loose RPF" used by one or more vendors is much weaker than this, in that it only checks for presence anywhere in FIB, meaning packets could go out interfaces which are not appropriate.

I would be happy to discuss my concerns with the authors of the document, but do not believe the document is ready for publication in its present form.

of course I would be happy to discuss, and I'd be happy to receive your proposed text changes.

Thanks. It would seem a bit more discussion may be in order before proposing text.

Sorry I missed the announcement of this document in the flurry of draft announcements, or I'd have commented earlier.

References:
- Re: Last Call: Ingress Filtering for Multihomed Networks to BCP
  - From: Fred Baker <fred@cisco.com>

Prev by Date: Re: Last Call: Ingress Filtering for Multihomed Networks to BCP
Next by Date: Re: status of hip
Previous by thread: Re: Last Call: Ingress Filtering for Multihomed Networks to BCP
Next by thread: Re: Last Call: Ingress Filtering for Multihomed Networks to BCP
Index(es):
- Date
- Thread