Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard

Warren Kumari <warren@kumari.net> Fri, 05 May 2017 17:01 UTC

Return-Path: <warren@kumari.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AD091201F8 for <idr@ietfa.amsl.com>; Fri, 5 May 2017 10:01:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X_CDFFNd2QC2 for <idr@ietfa.amsl.com>; Fri, 5 May 2017 10:01:08 -0700 (PDT)
Received: from mail-qt0-x22f.google.com (mail-qt0-x22f.google.com [IPv6:2607:f8b0:400d:c0d::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90C971294C8 for <idr@ietf.org>; Fri, 5 May 2017 10:01:08 -0700 (PDT)
Received: by mail-qt0-x22f.google.com with SMTP id m36so9967372qtb.0 for <idr@ietf.org>; Fri, 05 May 2017 10:01:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=1GeeaO3ONWr0P7PPgA183q3SLnWCZcm7Ljyvuicw8Ek=; b=BS49g0n3QO53fMSbOdf+65P3weES1uIndQgdq+zRfKJi+VSFqh7MuInWVtXEw/DzTg pxYme56mS4/WY9bYlS9XheF3pohP0dk2Z/iDLM5+2UdwycsdI+vY3U8nzURe3bt9Kya2 X37tc0lYBFfR2gKOguTFKmBDlV+L8+5unSOOUOhm1TVGO4x21IgLh6uwtfUjbW6zLZIH IAO2aHbqZJfis9qUbrbSt7ONbzRwJF37iwDaxkbQ5ajh96nM5/niX59pbT03tyWS9v1L eUjkGFoafFEbGSd0zpHbWLSK13/BIQgggKt1XRBH+RkIQHVzGYYRj4XhisPtJzxGiSlE 2g9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=1GeeaO3ONWr0P7PPgA183q3SLnWCZcm7Ljyvuicw8Ek=; b=WRgDEEoYrCwwhEz22IPkTXLc4yJxGzfqNUe4gtCCefUAxdz/uVH6cLlyWEOIlqFL4w nK1RZMTv2iRfmxCkMuwHm45RVOH+yffPWUN0WLGBYP+YM9kqrSJhkbfm/dGK65WdOxF0 10kxYdBx3IaN3q08rM7aSiTirzu7MGgMYdTViwP+oKxkS+uWRicM7OpFYcZ5VvM41D3I gpJUdZxefBPXVrg8eYKEIDCZWhtU8l6Kr11AHg6vKblEk+4BpWVhnseXnW7eH8wa+OEI T9hvTpRg8imAEWpGZVbqK6uAIztlyJK4sNwTeBi8YLkPO1UkBV/ROFrWkY9nRa+CtyX8 8nAw==
X-Gm-Message-State: AN3rC/44gd+crtHKHN9vsjsdvxJJl8rySmwXqtA5pxfSraSePztxyb+n y/ULHISy0sDD2Y/ZXr9HVTqnugmcDUgA
X-Received: by 10.200.44.36 with SMTP id d33mr46146687qta.51.1494003667049; Fri, 05 May 2017 10:01:07 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.171.68 with HTTP; Fri, 5 May 2017 10:00:26 -0700 (PDT)
In-Reply-To: <CA+b+ERk6U1VZTdoNtve8b-HqxNBPkymF0i-++ixw5bN+yXAWcA@mail.gmail.com>
References: <D4E812E8-AA7B-4EA2-A0AC-034AA8922306@juniper.net> <81424CC3-C4B0-487E-BF56-0113CA637239@juniper.net> <CA+b+ER=VYF3tZUgph8oxwNaw6ByENmctxOazjR7FGT-DdhgVwQ@mail.gmail.com> <CA+b+ERkt-B65dPrWRULBE1iOqHQpujjoEwqGxZjOWcR9OVbqPA@mail.gmail.com> <CA+b+ERmkEy2rJYLAGyaVVCBOxukjx8u2AJM9t8JkU1GThG0tNg@mail.gmail.com> <CA+b+ERmTVWRBt5RYhDXF9FRcL+zh0rMJbdDoodOueuiTqdO3pw@mail.gmail.com> <CA+b+ERkFXEGf9YXbFksvYvgcz8hEYsTZJP38GFFoWr8DSihDKA@mail.gmail.com> <CA+b+ERmMTq4gEu7s8_sBX-WQat8Fn2MUJUyXAbvdr0K=+WdPew@mail.gmail.com> <CA+b+ER=_WCeU_HPpBm5XFjEd1autFCnzVqV33pvXrOOjtuG=Nw@mail.gmail.com> <CA+b+ERmKT5PTJb7bdCG-vGjebAmvKYjWtyqRKPQiLP37RjFSmA@mail.gmail.com> <CA+b+ERmCruh1pr_22kF8OsLn0oW8reJfoe1nKjBd6kjAC1Y_vA@mail.gmail.com> <CA+b+ERm6UFgTrfkPA_wrbt9trUejyby56vvFedrmn5FP4Sg28w@mail.gmail.com> <CA+b+ERkmZZuU7W-n2CPtu0xfPGO=E3K9Gy9o8aOZqj5uf5duCg@mail.gmail.com> <CA+b+ERnRqisRs3sdtxTm9R7H_HpLw82qd+7kAqaTZbRFi1ZGww@mail.gmail.com> <CA+b+ERkxwXS9u7Kt4uEA4=P6JA9M+8Ha96ny2+kOGFeDe+NYAA@mail.gmail.com> <CA+b+ERk6U1VZTdoNtve8b-HqxNBPkymF0i-++ixw5bN+yXAWcA@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
Date: Fri, 5 May 2017 13:00:26 -0400
Message-ID: <CAHw9_iL1uQbgtJFy7caQ3GPa7hkTksLPHP=32zpvCHS9iipfxg@mail.gmail.com>
To: Robert Raszuk <robert@raszuk.net>
Cc: "John G. Scudder" <jgs@juniper.net>, idr wg <idr@ietf.org>, "Alvaro Retana (aretana)" <aretana@cisco.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/8vmnZJfDN1I2Dq8a6rioNdAi1N4>
Subject: Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2017 17:01:11 -0000

[ + Alvaro, explicitly ]
The way that (rough) consensus is judged in the IETF is not when
everyone is happy, but when people have had a chance to raise their
issues, have them discussed and considered.

This LC generated a *significant* amount of discussion, and a large
amount of back and forth The issues were, IMO discussed and
considered, and some text added / changed to address the discussion.
John's judgement of consensus is not his alone; I (as the GROW AD)
viewed there as being **rough** consensus; I discussed this with
Alvaro (as IDR AD) who concurred. John provided a really helpful
summary which he shared with us - I used this to confirm my view, and
I asked him to provide to the list.

This is clearly not unanimous/ not everyone is happy, but (in my view)
there is *rough* consensus for this to progress.

The authors are still integrating final edits / word smithing and will
post a new version shortly.

W

On Fri, May 5, 2017 at 5:34 AM, Robert Raszuk <robert@raszuk.net>; wrote:
> Hi John,
>
> If someone make a point of the discussion and stops arguing about it ib next
> 100 emails does not mean that the rough consensus was reached on his or her
> comment.
>
> Honestly to me I do not see that rough consensus to adopt this change as
> standard track document has been reached on IDRWG mailing list.
>
> Moreover document does not define what policy is. Is accepting ORF a policy
> or not ? No clarity will lead to very inconsistent implementations.
>
> Cheers,
> R.
>
> PS I uderstand that forcing inbound policy is to push folks to apply BCP38.
> But this at best is applicable only at the ISP inbound side ....
>
> On May 5, 2017 12:41 AM, "John G. Scudder" <jgs@juniper.net>; wrote:
>
> Hi All,
>
> Below is my summary of this mail thread, FYI.
>
> As I understand it the next steps will be for the GROW AD (Warren) in
> consultation with the GROW chairs (Pete and Chris) to decide.
>
> Thanks to all for your participation.
>
> --John
>
> The thread "[Idr] IETF LC for IDR-ish document
> <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior
> Without Policies) to Proposed Standard" started on April 19 and by May 1 had
> accumulated well over a hundred messages from 27 or so contributors.
>
> The thread defies a simple declaration of "there was consensus". However,
> and somewhat to my surprise, after reading back through the history and
> trying to give special attention to issues opened but subsequently rebutted,
> I think we do have consensus supporting advancement.
>
> There was quite a bit of discussion about the intended status of the
> document -- Standards Track vs. Informational vs. BCP, Updates 4271 or not.
> In the end, I think the best we can really say is that there was no
> consensus to choose something other than what the doc currently says. I've
> counted those who had document status objections under "con".
>
> If it were up to me to call consensus (which it is not) I would say there is
> rough consensus to advance the document on the Standards Track, updating
> 4271. I might consider offering a few extra days of LC for editorial
> comments *only*, with discussion of the document status and general outline
> and features of the solution being placed explicitly out of scope. This is
> because there were, interspersed among the many other comments, a few
> editorial ones, and I just don't have the energy to figure out if they were
> all taken in (although I think the authors have been fairly diligent about
> this). It's also because the most recent versions of the document have some
> fairly significant changes compared to -05.
>
> Several issues were raised and discussed as part of the thread, including
> (but not limited to, I'm under no illusions that I've captured or even
> fairly represented every single point):
>
> 1. A number of people, largely from router vendors, expressed concern that
> changing defaults is difficult. These ranged from saying it was impossible,
> to merely difficult and not worth it. In response to this, others (including
> but not limited to other vendor folk) provided examples for how a default
> could be changed without invoking a flag day. Greg Hankins, in particular,
> provided a detailed explanation of his company's process. The proponents of
> "it's hard to change defaults" didn't follow up to the various rebuttals, so
> on the balance I would have to say they're "in the rough". It's a bit dicey
> to make this call since failure to follow up can also reflect simple
> fatigue, but in this case the conversation doesn't just tail off, it ends
> with concrete arguments on the "this can be done" side.
>
> 2. Related, there is the position that "yes of course anything can be done
> in software but the cost/benefit ratio isn't right". This is clearly a
> matter of personal taste so can't be dismissed (or supported) solely on the
> basis of logic.
>
> 3. Should the behavior be per-AFI/SAFI instead of global? Perhaps to apply
> only to Internet routing and not other applications?
> Pro: the motivation section of the document calls out the Internet use case
> Con: there's no clear, unambiguous way to actually specify this (AFI/SAFI
> 1/1 can be used in a VPN context, e.g.). different defaults for different
> AFI/SAFI is confusing for the user and the extra complexity not required.
>
> 4. How about "default no-propagate" rather than "default no-advertise"?
> Pro: Keeps CE configurations more compact, less surprising behavior.
> Con: Behavior is actually more surprising (since harder to explain, less
> consistent). Doesn't cover all plausible use cases.
>
> 5. These defaults will hurt some deployments that want to rely on the old
> defaults. Examples, data centers, CEs.
> Pro: as stated.
> Con: it seems unlikely anyone is actually relying on default behavior in
> their data center, since defaults vary between vendors, can any examples be
> brought forward? None offered, instead a couple DC operators stated support
> for the draft as written. For CEs, discussion around upgrade strategies
> without breaking existing deployments, see #1.
>
> 6. This should not update 4271, not be Standards Track, it should be a BCP,
> should be Informational, etc.
> Pro: It's not protocol, but just defaults, doesn't affect state machine,
> wire encoding.
> Con: Plenty of Standards Track documents specify defaults when considered
> important to operation of protocol, and even more ephemeral things such as
> textual encodings.
> Pro: It should be a BCP and/or shouldn't update 4271 because it's bad to
> make existing implementations nonconformant.
> Con: Formally, it doesn't work that way. Also, the point is to ask
> implementations to change.
>
> 7. There are various other proposals to mitigate route leaks and provide BGP
> security features.
> Pro: implied, "we've already got one"
> Con: some of these are still in flight, not even WG docs. None address
> exactly the same issues. Some don't even overlap.
>
> 8. Why not just do perfect filtering at the service provider border? It's an
> education problem!
> Pro: perfect filtering prevents harm from route leaks.
> Con: decades of experience indicate strategies that require perfection are
> not successful.
>
> Taking a rough head count, here's here I understand people's positions to
> have ended up:
>
> Commented, no discernible position on advancing the doc -- 2
>
> chris morrow
> alvaro retana
>
> Pro -- 16
>
> john scudder
> randy bush
> brian dickson
> joe provo
> warren kumari
> jared mauch
> job snijders
> gert doering
> mik abrahamson
> jeff haas -- support, though would prefer BCP
> greg hankins
> nick hilliard
> jay borkenhagen
> ian dickinson
> martijn schmidt
> keyur patel
>
> Con -- On procedural grounds (should be a BCP, or should be Informational)
> -- 3
>
> eric rosen -- would be OK as Informational, opposes other statuses
> tony przygienda -- it should be a BCP
> enke chen -- fine if it's a BCP. changing defaults is infeasible ("in the
> rough")
>
> Con -- In the rough -- 2
>
> acee lindem -- contrary to auto-discovery (rebutted, in the rough), should
> have a 'backwards compatibility' section
> jeff tantsura -- changing defaults "can not be changed". -- in the rough
>
> Con -- Other objections, in most cases not explicitly stated as opposing
> advancement but that's my reading of their mood -- 4
>
> robert raszuk -- not explicitly, but has raised numerous "but what
> about...", all or most replied to
> alex azimov -- 'it'll just result in empty policy' and 'route leaks are rare
> anyway', both later rebutted and not replied (so, "in the rough")
> tom petch -- not explicitly, but generally skeptical tone to comments.
> specifically requested an analysis of what harms the proposal might cause.
> (not done or replied to AFAIK)
> bruno decraene -- would rather improve route-leak draft, numerous other
> points and suggestions, mostly replied to, too much to summarize
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf