Re: [Idr] [GROW] draft-mauch-bgp-reject

Gert Doering <gert@space.net> Thu, 05 November 2015 21:06 UTC

To: Jared Mauch <jared@puck.nether.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/4GYvj1g28ixvOJb4KjsFOMvEEkk>
Cc: idr wg list <idr@ietf.org>, GROW@ietf.org, Gert Doering <gert@space.net>

Hi,

On Thu, Nov 05, 2015 at 12:48:51AM -0500, Jared Mauch wrote:
> > There is one item I don't understand here:
> > 
> >   o  Software MUST provide protection from internal failures preventing
> >      the advertisement and acceptance of routes
> > 
> > what does that mean (in other words "more verbose explanation, please")?
> 
> Vendor software will actually fail-open and not honor the configured
> policy.  I'd like to try and capture this case as implementation guidance
> to prevent damage to the global internet.

So "if there is anything broken in the machinery, kill the bgpd before
you just let routes in or out in an uncontrolled fashion"?

Support :)

Gert Doering
        -- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444           USt-IdNr.: DE813185279