Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard

Jared Mauch <jared@puck.Nether.net> Mon, 24 April 2017 19:09 UTC

To: Mikael Abrahamsson <swmike@swm.pp.se>
Cc: Enke Chen <enkechen@cisco.com>, "idr@ietf.org" <idr@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/0NUW9S61nQyorKMEkVoq6fyuihU>

On Mon, Apr 24, 2017 at 08:19:12PM +0200, Mikael Abrahamsson wrote:
> On Mon, 24 Apr 2017, Enke Chen wrote:
> 
> > The CLI migration falls apart when a customer skips releases and jumps
> > from one release ("permit all") to another ("deny all").
> 
> I thought this was exactly what the CLI migration code was supposed to do?
> 
> Keep track of what versions some default changed in, and fix it when
> migrating the config?

	Vendors have never wanted to publish this, nor have they been
willing to truly document it.

	It seems like this is just an excuse to let their whim of the day
be further propagated.

	As someone who actually reads the diffs from the nvgen
ecosystem in platforms like Cisco IOS, it's clear nobody really
reads the full system diffs.
	
	Claiming otherwise is clouding the discussion.  Once again, this is
"We will never ever secure our BGP implementation".  To that, I will
respond accordingly with my account team.

	I also question those who think customers can't easily figure out
how to turn a knob on.  You must really not think highly of your customers.

	- Jared

-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.