[GROW] GROW IETF 101 minutes
Job Snijders <job@instituut.net> Wed, 21 March 2018 16:56 UTC
Return-Path: <job@instituut.net>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5952F1270AB for <grow@ietfa.amsl.com>; Wed, 21 Mar 2018 09:56:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=instituut-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z4_GhsFsdoZu for <grow@ietfa.amsl.com>; Wed, 21 Mar 2018 09:56:12 -0700 (PDT)
Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D418126CC7 for <grow@ietf.org>; Wed, 21 Mar 2018 09:56:12 -0700 (PDT)
Received: by mail-wm0-x236.google.com with SMTP id h21so10954569wmd.1 for <grow@ietf.org>; Wed, 21 Mar 2018 09:56:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=instituut-net.20150623.gappssmtp.com; s=20150623; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=zkjD23t10z1EpAb1W9nfdHpg2pZyZsDQ9Q4Mn+NraoE=; b=KhbJlnZZs+P2K7Q25C+BmxIxlDiu26OLPs/GS4XaCVPXxpL9naHlVh107Rz1ntPjQK Yx+0gJb1viS6lv7Gt1K8Z7yf6xSj/Y+yQM4plmU9OFRFJNOUeJ01I2pGRa65vDhPUfXF LcuWVBYVoALx3hRBMnJUYadziyLXm8pRkC1zmTtF2Bp774Vyc06jpiCW5h3sByEsyW14 iehtZ2if+I9+QqLBfhvtLd6mc3WurI+oadSq1N22L3+Sg+n9ZanXh02ZhlicOfvM+N5O e9EyVDOBjOoor75IVhY7EJ3iokv/gBKSOUB8jFSc9z14/4FRWdmwHS9QahvtqRymfR5n 6X3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=zkjD23t10z1EpAb1W9nfdHpg2pZyZsDQ9Q4Mn+NraoE=; b=IBwO0ZzY5Gca3FA/dUV1uAy3AmbrCWXDs7ZC5sUxfepDhvnc9pDWLvEnofP00+it/C 2v9+rcuhJ5s88pftODCmYrvofR6PzFiUk9kNlCBMoyITQU3Nh1ncWfhXI5kJbQKd4Nwy fuDnXbcckfVy+ecHJCQwCRgT06ztDjmh+M5x/hn6i8c0lXUXQ9cdkDG/Su/dZy1B4Bo9 cYypVUXwAAjw2NtDPBHeI/Uq+I+cZz/FHj1mB5tbEo3QMDSHOuW8GbtsjosoSmF+Zodb oQBgbyZUXNX0W6uddlZPIQIGI2ozDIhI2yA3mcNp4wHGe7OOV3M2FRg1WVd4GdFOFHl8 T3cQ==
X-Gm-Message-State: AElRT7Hlewp3gmoIclFol/uGBxIhwZvXqwTDMcEo0zcfGitq1vcRHGov pDBeGUriEmX4YH5bDIkE86WkDw==
X-Google-Smtp-Source: AG47ELvYhe16nk+2M/EvE2KyZcojF5o3hcX97gEJTlv96SzeIC3l5HBl4EuR9rR4T8suELjrts4jbg==
X-Received: by 10.28.230.206 with SMTP id e75mr3600923wmi.136.1521651370684; Wed, 21 Mar 2018 09:56:10 -0700 (PDT)
Received: from vurt.meerval.net (dhcp-8f12.meeting.ietf.org. [31.133.143.18]) by smtp.gmail.com with ESMTPSA id 4sm3649112wmz.31.2018.03.21.09.56.09 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 21 Mar 2018 09:56:09 -0700 (PDT)
Received: from localhost (vurt.meerval.net [local]) by vurt.meerval.net (OpenSMTPD) with ESMTPA id 3d16de97; Wed, 21 Mar 2018 16:56:08 +0000 (UTC)
Date: Wed, 21 Mar 2018 16:56:08 +0000
From: Job Snijders <job@instituut.net>
To: grow@ietf.org
Message-ID: <20180321165608.GD30984@vurt.meerval.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <https://mailarchive.ietf.org/arch/msg/grow/EkJ9iDFHK4n4po07YbVYmxZSyIs>
Subject: [GROW] GROW IETF 101 minutes
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2018 16:56:15 -0000
Dear all, Below are the minutes of the GROW meeting at IETF 101. I'd like to thank Massimiliano Stucchi and Nathalie Trenaman effusively for their minute taking. Kind regards, Job https://datatracker.ietf.org/doc/minutes-101-grow/ ################ Presentation: BMP - Paolo Lucente ( draft-ietf-grow-bmp-adj-rib-out-01.txt and draft-ietf-grow-bmp-local-rib-01.txt) ################ Randy Bush highlighted a problem in the BMP implementation from vendors. He's worried about adding more parts to it. Additionally, he mentioned that he likes the drafts. Ruediger Volk pointed out that there are gaps in the overall picture: he feels there are information that are dropped between RIB-in and the post-policy that could be of interest for him. It would be interesting to know which routes have been dropped, and which one of the policy decisions affected it. For certain vendors a code point could be added to send all this data to central logging for analysis. Paolo mentioned that he's done work on pre- and post-policies. He feels the issue to be out of scope for the moment and for the specific draft. Job proposed to add another draft to address this issue. Paolo is concerned that trying to find a common language across vendors to describe actions and policies could be hard. Ruediger suggested using exit codes that could be scripted. Jeff Haas mentioned that not everything could be standardised. He suggested that there could be a way to allow operators to put their own messages in the description. There were no more questions nor comments. ################# Presentation: Randy Bush - draft-ymbk-grow-wkc-behavior-00 ################# Ruediger asked about the well-known communities, and the fact that in the past it was deemed not possible to add more, but recently it happened. In the end the question pointed towards asking "what is a well-known community?" Ruediger also suggested to add a "delete all" command to remove all the communities from a configuration Jeff Haas commented that IANA should be asked about the meaning of well-known communities, and that the behaviour of vendors depends on how IANA handled it at the beginning. Randy Bush asked the room if considering this problem a bug is the right way, or if removing the set command could be a problem for many implementors. John Scudder mentioned that he just read the draft and suggested to go ahead with what is there and not add anything, which is what the draft says. Ruediger suggested to ask the vendors for approriate delete commands to be used. There were no more questions nor comments. ############### Presentation: Job Snijders - IRR vs RPKI parity regarding AS-SETs ############### George Michaelson suggested to not modify RPKI, but that something is being added. He added that the critical moment is about who signs and what should be in the certificates that are being produced. Ruediger Volk said that it's correct to point out that AS-Sets are being used but do not appear in RPKI, but do in RPSL. Good idea to make progress, but identifying gaps in functionality is important, so they can be filled. He pointed out, though, that there's a difference between authorisation and policy documentation. RPKI provides clear authorisation. RPSL was policy documentation. Using the IRR as an authorisation mechanism and trying to fix it while we already have an authorisation system could be wrong. AS-Sets can not have authorisation, and they contain wrong data most of the time. This problem needs to be fixed. Jeff Haas pointed out that Sets are nice but they belong in RPSL. Sets are useful for policies, but probably it is not as needed as we're thinking. The idea resembles RPSL export statements. Job replied that if only we can mimic AS-Sets in RPKI, that can be useful. Jeff replied that he agrees they can be useful. Randy Bush asked about how recursion would work, and what authority he would be asserting over those objects. He also criticised the type of approach. Ruediger Volk commented about how AS-Sets could be registered, and mentioned that they could be created in any IRR and be looked up in each one of them. It would be nice to find a way to fix this issue. The best way would be to use adjacency-assertions, but this is impractical to be applied in real life. Doug Montgomery Commented aobut Authorisation in ROAs, and how this is not enforced as Ruediger was explaining. The line was cut, as there was no more time for comments or questions. ############### Presentation: Alexander Azimov - uRPF Reboot ############### Randy Bush commented that implementing BCP38 would be easier than implementing what Alexander is suggesting. Alexander commented that this is just to guarantee spoofed traffic will not leave the customer network. Ruediger Volk commented that their customers would not be happy about implementing this solution. Job Snijders commented that using graceful shutdown is a nice idea, and added that finding equipment that could do uRPF efficiently is quite hard. Until this problem is solved, he would not even consider uRPF at all. Warren Kumari asked about how this implementation is done, and how local-preference is used in achieving the desired behaviour. There was a discussion among Randy Bush and Warren Kumari about the difference between No-export and Graceful Shutdown. Ruediger Volk suggested using also the no-export- community instead. Doug Montgomery asked clarification about how no-export is used in this scenario, and Alexander clarified that this draft applies mainly to stub networks. Doug also asked if there's the assumption that uRPF only applies to stub networks, and that transit networks should not be doing it. The line was cut, and Job suggested to bring more questions to the mailing list.
- [GROW] GROW IETF 101 minutes Job Snijders