Re: [GROW] Secdir last call review of draft-ietf-grow-bgp-session-culling-04
"Will Hargrave" <will@harg.net> Mon, 25 September 2017 16:29 UTC
Return-Path: <will@harg.net>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8EAA1344D8; Mon, 25 Sep 2017 09:29:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6D8RLVnCqfGe; Mon, 25 Sep 2017 09:29:30 -0700 (PDT)
Received: from mail0.lonap.net (mail0.lonap.net [IPv6:2a00:eb20:100::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C86491344B4; Mon, 25 Sep 2017 09:29:29 -0700 (PDT)
Received: from [188.246.198.145] by mail0.lonap.net with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <will@harg.net>) id 1dwWG5-0008AH-6b; Mon, 25 Sep 2017 17:29:27 +0100
From: Will Hargrave <will@harg.net>
To: Paul Wouters <paul@nohats.ca>
Cc: secdir@ietf.org, grow@ietf.org, draft-ietf-grow-bgp-session-culling.all@ietf.org, ietf@ietf.org
Date: Mon, 25 Sep 2017 17:29:24 +0100
Message-ID: <ABA19C9B-7226-4001-86F9-9BDAAA21942C@harg.net>
In-Reply-To: <150635434992.27366.574012206348474088@ietfa.amsl.com>
References: <150635434992.27366.574012206348474088@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.7r5419)
Archived-At: <https://mailarchive.ietf.org/arch/msg/grow/0Sw-8r1bnquZd-uHlWQsO67b6b0>
Subject: Re: [GROW] Secdir last call review of draft-ietf-grow-bgp-session-culling-04
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Sep 2017 16:29:32 -0000
On 25 Sep 2017, at 16:45, Paul Wouters wrote: > This document basically states that people doing network maintenance > so often > make mistakes that leak into the global BGP table, that it would be a > good idea > to just firewall all the BGP traffic going out of your network edge as > a > preventive measure. It's a sad state of software/firmware that an > external > firewalling process is deemed necessary to properly (re)configure BGP. Hi Paul, I am afraid you have got the wrong end of the stick here. This technique is intended for IXP and other L2 operators, not those who operate BGP speakers / IP networks. It is a workaround to unwanted blackholing of traffic as a result of the dataplane being broken whilst waiting for BGP holdtimers to expire - nothing to do with actual BGP route policy. I gave a presentation earlier this year at the UK Network Operators Forum which attempts to explain this https://indico.uknof.org.uk/event/39/contribution/8 Regards, Will
- [GROW] Secdir last call review of draft-ietf-grow… Paul Wouters
- Re: [GROW] Secdir last call review of draft-ietf-… Will Hargrave
- Re: [GROW] Secdir last call review of draft-ietf-… Job Snijders