Re: [GROW] draft-ietf-grow-bgp-gshut status?
Job Snijders <job@ntt.net> Mon, 12 June 2017 23:41 UTC
Return-Path: <job@instituut.net>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CFD9127599 for <grow@ietfa.amsl.com>; Mon, 12 Jun 2017 16:41:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.699
X-Spam-Level:
X-Spam-Status: No, score=-4.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7JXMCanS9oh0 for <grow@ietfa.amsl.com>; Mon, 12 Jun 2017 16:40:59 -0700 (PDT)
Received: from mail-wr0-f174.google.com (mail-wr0-f174.google.com [209.85.128.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88FA5126DEE for <grow@ietf.org>; Mon, 12 Jun 2017 16:40:59 -0700 (PDT)
Received: by mail-wr0-f174.google.com with SMTP id v104so114880865wrb.0 for <grow@ietf.org>; Mon, 12 Jun 2017 16:40:59 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=Kdm1kXjLYtXkhOYk4F9y0lccRdTCZbocOLGEJR8es9g=; b=c4FH5vVcMzjG/eFFXbNlFGYBDcu0xXKaO7p/8eWHnddSm8BzuOaZ76hg3aFVffDfi3 6UFRpsxTC1eyd6Rxf+HzfyKw8KR8G0plu9kv8QuuPSo7FRgTKWxlwEfe3M43thbrxaIQ /cPc0f1/C+guGrsMwNPIAgVeyEcTPmJ6LE/Vvy4qEOd0iZYlWqJdhEkVScyG3nA+fpZg neCy3vaoFa1p5vsw+FK/PTN4VapakPNmousQKG/1fwULjDWn++2u9A8byuLi3hzxWAHj CyLKAVYW9FFd7jSjLEP0fQQron2VYGO+G+lduylG4Yq4VXC250c31qOkRRZts/ZwV5/7 E6XA==
X-Gm-Message-State: AODbwcDbMwhcJpn4dUFzXP5U88RxCqSQUova/G6s07KsEWePz/o34T8K qyZh6nsc2SfXRBR8
X-Received: by 10.80.205.212 with SMTP id h20mr45261874edj.58.1497310857882; Mon, 12 Jun 2017 16:40:57 -0700 (PDT)
Received: from localhost ([89.200.37.231]) by smtp.gmail.com with ESMTPSA id l25sm9504265eda.38.2017.06.12.16.40.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Jun 2017 16:40:56 -0700 (PDT)
Date: Tue, 13 Jun 2017 01:40:55 +0200
From: Job Snijders <job@ntt.net>
To: bruno.decraene@orange.com
Cc: "grow@ietf.org" <grow@ietf.org>
Message-ID: <20170612234055.27wh7qcxhbpddabu@Vurt.local>
References: <20170315131039.gxle23rupztnexqm@Vurt.local> <1294_1489586438_58C94906_1294_16108_1_53C29892C857584299CBF5D05346208A31C6FFA0@OPEXCLILM21.corporate.adroot.infra.ftgroup> <20170315145416.iiox6dz4u53dkfn4@Vurt.local> <12219_1489591279_58C95BEF_12219_294_1_53C29892C857584299CBF5D05346208A31C704E8@OPEXCLILM21.corporate.adroot.infra.ftgroup>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <12219_1489591279_58C95BEF_12219_294_1_53C29892C857584299CBF5D05346208A31C704E8@OPEXCLILM21.corporate.adroot.infra.ftgroup>
X-Clacks-Overhead: GNU Terry Pratchett
User-Agent: NeoMutt/20170609 (1.8.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/grow/1yXhze8Jq3rDXM5ykZErjYDztPM>
Subject: Re: [GROW] draft-ietf-grow-bgp-gshut status?
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Jun 2017 23:41:02 -0000
Dear Bruno, other gshut authors & GROW, If you'd like help editing draft-ietf-grow-bgp-gshut-06 to reflect the proposed changes discussed in the last 3 months in GROW, I'd be happy to help. I have ed the standard editor installed and ready to go. Kind regards, Job On Wed, Mar 15, 2017 at 03:21:18PM +0000, bruno.decraene@orange.com wrote: > Hi Job, > > Thanks for the feedback. > More inline > > > From: Job Snijders [mailto:job@ntt.net] > Sent: Wednesday, March 15, 2017 3:54 PM > > > > Hi Bruno, > > > > On Wed, Mar 15, 2017 at 02:00:37PM +0000, bruno.decraene@orange.com wrote: > > > > From: GROW [mailto:grow-bounces@ietf.org] On Behalf Of Job Snijders > Sent: > > Wednesday, March 15, 2017 2:11 PM > > > > > > > > I noticed that https://tools.ietf.org/html/draft-ietf-grow-bgp-gshut-06 > > > > expired two years ago. Can anyone offer some insight why it lapsed? > > > > > > In order to signal the graceful shutdown over the EBGP session, gshut > > > uses a "well-know" BGP community. Compared to using a protocol > > > extension, this allows a vanillia sender/receiver to handle the > > > information using a regular BGP policy. > > > So far so good. This is specified, implemented both with BGP policy > > > and automated by some routers, tested (both options). > > > > > > Now, for some deployments, the use of a non-transitive community offer > > > a better assurance that the community has indeed be originated by the > > > connected eBGP peer. The issue is that currently there is no > > > implementation of non-transitive well-known communities. > > > draft-ietf-idr-reserved-extended-communities is a short draft to > > > define non-transitive well-known communities. It proposed to re-use an > > > "existing" non-transitive extended community, defined for four-octets > > > AS: draft-ietf-idr-as4octet-extcomm-generic-subtype. But it turns out > > > that this latter draft did not progress and has recently been replaced > > > by BGP large community. The later do no support non-transitive > > > community. > > > > > > So after waiting for some years for > > > draft-ietf-idr-as4octet-extcomm-generic-subtype, this path has just > > > been closed. As of today, the possible options seems: > > > > > > - forget about non-transitive community. In particular as during the > > > BGP large community discussions, the requirement for non-transitive > > > community has been discussed and explicitly called as not needed. So > > > let's listen to this and do the same. > > > > I'd like to add a small nuance: For the use case of large communities, > > non-transitivity was considered an undesirable property. > > "undesirable property" is a bit beyond the term that I would use, but who cares now; it's not part of it. > > > To be honest, if the 'gshut' community 'escapes' the adjacent ASN for > > which it was intended, what is the worst that can happen? That BGP > > speakers somewhere in the DFZ consider the path less desirable? This > > aligns with what is expected to happen in the near future anyway: the > > bgp session will be torn down and the path will cease to exist. > > > > In the case where no shutdown event follows (the gshut community is used > > as a traffic engineering trick), it kind of goes in the same category as > > intermediat networks prepending ASNs to the AS_PATH to make it less > > desirable, or fiddling with origin. If I were to consider "permanent > > use" of the gshut community a violation of my agreement with the > > adjacent network, this would be easy enough to monitor for and > > subsequently resolve at layer-8. > > In sync. In particular in sync with the security considerations of the draft > https://tools.ietf.org/html/draft-ietf-grow-bgp-gshut-06#section-8 > > > > > - have draft-ietf-idr-reserved-extended-communities use a different > > > extended community type. This is easy to write, but if this does not > > > get implemented, the value is limited/null. > > > > I concur. A similar consideration could be made whether gshut deserves > > its own path attribute or not. Usually the nice thing about well known > > rfc 1997 communities is their rapid implementation and deployability. > > Indeed. That was specifically important for the VPN customers, with 1000s of CE, some with "legacy" software which are difficult to upgrade. So the possibility to use a vanilla CE with a BGP policy was part of the requirements. This may be less of an issue for big SP routers, although incremental deployment is always a plus, especially when more than one AS are involved. > > > > > What implementatations exist? A fellow operator told me that IOS, > > > > IOS XE has support for graceful shutdown, are there others? > > > > > > Same information on my side. With the restriction that those > > > implementations only implement the transitive community. > > > > ack. > > > > I'm somewhat inclined to proceed with the gshut concept as a well-known > > transitive rfc 1997 community. What do others think? > > I agree with you. > Until now, in order to capture all the options, waiting for draft-ietf-idr-as4octet-extcomm-generic-subtype seemed reasonable (at the cost of waiting for years, but this was not expected as we though vendors would implement it to accommodate 4-octects AS deployments). It's not anymore, so I guess we'll update the draft to follow this proposed path. > > Thanks, > Kind regards, > --Bruno > > > Kind regards, > > > > Job
- [GROW] draft-ietf-grow-bgp-gshut status? Job Snijders
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Job Snijders
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Ben Maddison
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Robert Raszuk
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Robert Raszuk
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Ben Maddison
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Robert Raszuk
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Ben Maddison
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Robert Raszuk
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Gert Doering
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Robert Raszuk
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Ben Maddison
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Gert Doering
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Robert Raszuk
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Jeffrey Haas
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Jakob Heitz (jheitz)
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Job Snijders
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Randy Bush
- Re: [GROW] draft-ietf-grow-bgp-gshut status? Job Snijders
- Re: [GROW] draft-ietf-grow-bgp-gshut status? bruno.decraene