Last Call Review of draft-ietf-grow-route-leak-problem-definition-04
review-ietf-grow-route-leak-problem-definition-04-genart-lc-resnick-2016-03-21-00

Request Review of draft-ietf-grow-route-leak-problem-definition
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2016-03-28
Requested 2016-03-16
Authors Kotikalapudi Sriram, Doug Montgomery, Danny McPherson, Eric Osterweil, Brian Dickson
Draft last updated 2016-03-21
Completed reviews Genart Last Call review of -04 by Pete Resnick (diff)
Genart Telechat review of -04 by Pete Resnick (diff)
Opsdir Last Call review of -04 by Carlos Pignataro (diff)
Rtgdir Early review of -04 by Mach Chen (diff)
Assignment Reviewer Pete Resnick
State Completed
Review review-ietf-grow-route-leak-problem-definition-04-genart-lc-resnick-2016-03-21
Reviewed rev. 04 (document currently at 06)
Review result Almost Ready
Review completed: 2016-03-21

Review
review-ietf-grow-route-leak-problem-definition-04-genart-lc-resnick-2016-03-21

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-ietf-grow-route-leak-problem-definition-04
Reviewer: Pete Resnick
Review Date: 2016-03-21
IETF LC End Date: 2016-03-28

Summary: This draft is on the right track but has open issues, described 
in this review.

Major issues:

None.

Minor issues:

- Figure 1, along with the discussion of it in section 3, was confusing 
to me. First of all, am I correct that the example displays *two* leaks? 
That is, there's the leak from AS3 to ISP2, and then there are the 
propagated leaks from ISP2 to the rest of the world. Also, "(P)" seems 
to be used as both a leaked prefix (from ISP1 through AS3 to ISP2 and 
then propagated from there) as well as what looks to be a normal prefix 
update between ISP1 and ISP2. Are all of the occurrences of "(P)" in 
Figure 1 identical? Or is the prefix update between ISP1 and ISP2 also a 
leak? What leaks is Figure 1 intended to show?

- In 3.1: "The leak often succeeds because...". Do you really means 
"succeeds" and not "occurs"? If so, what does "succeeds" mean in this 
context?

- The description in section 3.5, starting from "However", really needs 
a complete rewrite. It's ungrammatical to the point that I'm not really 
sure I understand what it is trying to say.

Nits/editorial comments:

- I've mentioned before that I find the "academic research paper" style 
a bit jarring in IETF documents. I particularly don't like the use of 
"we" and "us", since it's not clear whether "we" is the authors (which 
is how it's used in academic papers, but is inappropriate for an IETF 
document), the WG, the IETF, etc. Instead, I would replace all instances 
of "we" with "this document", or simply re-word into the passive, since 
a subject is rarely needed for these sentences. For example, the 
abstract could be rewritten as such:

    A systemic vulnerability of the Border Gateway Protocol routing
    system, known as 'route leaks', has received significant attention 
in
    recent years.  Frequent incidents that result in significant
    disruptions to Internet routing are labeled "route leaks", but to
    date a common definition of the term has been lacking.  This 
document
    provides a working definition of route leaks, keeping in mind the
    real occurrences that have received significant attention. Further,
    this document attempts to enumerate (though not exhaustively)
    different types of route leaks based on observed events on the
    Internet.  The aim is to provide a taxonomy that covers several 
forms
    of route leaks that have been observed and are of concern to 
Internet
    user community as well as the network operator community.

Please do similar edits throughout.

Similarly, the referencing of authors by name seems like bad form for an 
IETF document.

OLD
    This document builds on and extends earlier work in the IETF by
    Dickson 
[draft-dickson-sidr-route-leak-def][draft-dickson-sidr-route-
    leak-reqts].
NEW
    This document builds on and extends earlier work in the IETF
    [draft-dickson-sidr-route-leak-def][draft-dickson-sidr-route-leak-
    reqts].
END

OLD
                              Mauch [Mauch] observes that these are
       anomalies and potentially route leaks because very large ISPs 
such
       as ATT, Sprint, Verizon, and Globalcrossing do not in general buy
       transit services from each other.  However, he also notes that
       there are exceptions when one very large ISP does indeed buy
       transit from another very large ISP, and accordingly exceptions
       are made in his detection algorithm for known cases.
NEW
                              [Mauch] observes that these are anomalies
       and potentially route leaks because very large ISPs such as ATT,
       Sprint, Verizon, and Globalcrossing do not in general buy transit
       services from each other.  However, it also notes that there are
       exceptions when one very large ISP does indeed buy transit from
       another very large ISP, and accordingly exceptions are made in 
its
       detection algorithm for known cases.
END

- Last paragraph in section 2: I'm left wondering what sorts of things 
that other folks might consider leaks *aren't* covered by the 
definition. Perhaps you want to mention that?

- In 3.6, when you say "more specifics", are you using that as a noun to 
mean "more specific prefixes"? It's very hard to read in its current 
form.

- Section 5 is superfluous. I'd delete it.

- On a side note, I must say that the writing style of the "Example 
incidents" caused me quite a bit of giggling. "Examples include 
symmetrical book stacking, just like the Philadelphia mass turbulence of 
1947, and the biggest interdimensional crossrip since the Tunguska blast 
of 1909 [GhostBusters1984]." Reading them aloud helps. :-) (No need for 
a change; they're fine as is. They just sound funny to a person not in 
the field.)

pr
-- 
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478