Re: [Idr] New BGP capability to advertise running daemon version

Jeffrey Haas <jhaas@pfrc.org> Fri, 02 August 2019 15:01 UTC

Date: Fri, 02 Aug 2019 11:02:51 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: Donatas Abraitis <donatas.abraitis@gmail.com>
Cc: ERCIN TORUN <ercin.torun@turkcell.com.tr>, "idr@ietf.org" <idr@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/121Ys1LUhEq4nPCBfpZqPOJND8o>

Donatas,

On Fri, Aug 02, 2019 at 09:56:22AM +0300, Donatas Abraitis wrote:
> yes, it's risky and shouldn't be toggled by default, but in data
> center environments where you have full control, it's very handy. For
> instance, FRR has a few modes to operate, like traditional and
> datacenter. By having datacenter profile enabled, it's safe enough to
> have this capability, IMO. Or as you suggested, just an additional
> knob for configuring this is considered as well.

Others have mentioned the security considerations.  I'd be a bit concerned
that such a thing really was "off by default".

Beyond that, items put into capabilities right now are intended to impact
operational behaviors.  This doesn't feel like the best fit for me.

If I could be talked into wanting this at all, I suspect I might be more
supportive of having this be an optional parameter rather than a capability.

-- Jeff