Re: [Bgp-autoconf] Discussion about BGP autoconf requirements in DC

Robert Raszuk <robert@raszuk.net> Sat, 08 February 2020 20:55 UTC

From: Robert Raszuk <robert@raszuk.net>
Date: Sat, 08 Feb 2020 21:55:11 +0100
Message-ID: <CAOj+MMHv1gkyMn6McHkm9p3WwUF3JpxEJ4XeJ2w8Pr5nnHL3gg@mail.gmail.com>
To: Randy Bush <randy@psg.com>
Cc: bgp-autoconf@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/bgp-autoconf/Rveoe3ZEKYXhR0M5RhKpIIoN9eI>

>
> > I am not stating that we should or should not but do we have full
> > agreement that DC case must cover any other BGP peering except p2p and
> > lo2lo over p2p? Is there a real requirement to discover your peers
> > few IP hops away?
>
> how do we socialize this question?  maybe we, as the dt, put out a short
> goals statement on idr and see if it flies?
>

It would be interesting to first get a sense of how the dt feels about it?

We already divided DC from WAN/IXP spaces.

For WAN/IXP clearly multihop is a requirement. But IMHO for DC it is not.
Does anyone have a different opinion and could explain why?

/* I am not sure how we probe for such questions even within the dt :) */

> > As far as md5, AO, XYZ to validate if you are a legitimate peer this
> > really is not an autodiscovery part. IMO it should be part of
> > preconfigured template.
>
> having a bit of infosec blood, i am a bit more concerned.  but you are
> right, it's tough; either a leap of faith or a bleedin' infrastructure;
> see draft-ymbk-lsvr-l3dl-signing.


By all means you know much more in this space. My comment was just coming
from past experience when we designed auto CE peering to PE via BGP for ATT;
they just insisted on two features: prefix range check and MD5 pre-cfg.