Re: [Idr] [GROW] draft-mauch-bgp-reject
Rick Casarez <rick.casarez@gmail.com> Fri, 06 November 2015 12:16 UTC
Return-Path: <rick.casarez@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D08271B2E7D; Fri, 6 Nov 2015 04:16:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sYEs2GD_Mvd5; Fri, 6 Nov 2015 04:16:20 -0800 (PST)
Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874301B2CEB; Fri, 6 Nov 2015 04:16:19 -0800 (PST)
Received: by wmec201 with SMTP id c201so16404282wme.0; Fri, 06 Nov 2015 04:16:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=DcIak8/jRO0lTkL6F+qxnh9w0zYqY3Y4Znc/O3GVN5g=; b=VNn3j9tOBMR8ZeB6BgJ1v1tfqLGLsTdY9nt/XEgKuFUQPmc00UCo5/qFujueSjsg76 PL7qaLExL9ceYIl2rDPdIHnBtS21M8ooVOHeQfeBzWoPD9jY9dMVTjeRWCsePKyCEtVC s0UP0VUZv5ZpVJizGsRjm3pq1d5kLm2PSUkxBJaBPbOAYVyPuv1MFyjr0bDAj0XcaE4K Vtj5a9Z+aPnkd+QgTfTtqp7j011cui1lir7kDbAnnwkyVnj92jIPvtqtG8BIsjoEmjDq pvbElSDG3jPUiZLoqzuSM9pLdxI8VelafZNd5nFPs/W3mRIfWw4zmnbtzrnRIQKnnpgT UoVQ==
MIME-Version: 1.0
X-Received: by 10.28.146.139 with SMTP id u133mr10291601wmd.56.1446812178075; Fri, 06 Nov 2015 04:16:18 -0800 (PST)
Received: by 10.27.108.76 with HTTP; Fri, 6 Nov 2015 04:16:17 -0800 (PST)
In-Reply-To: <CA+b+ERkBPDawAiw+uFZgOYwQVLkHUGVXXqwe7BfF60ajwWuSug@mail.gmail.com>
References: <E1A51A62-A164-4F9C-AE67-CC8F3C3AB85D@puck.nether.net> <20151102093733.GF70452@Space.Net> <B1CF5B9F-7827-4A2D-9DAD-0D5C50C5F393@puck.nether.net> <CA+b+ERkBPDawAiw+uFZgOYwQVLkHUGVXXqwe7BfF60ajwWuSug@mail.gmail.com>
Date: Fri, 06 Nov 2015 07:16:17 -0500
Message-ID: <CAGWMUT5ip4Cwyc8wNu5zoazf6SKeL3LzAceGBMjni6TDMv2-1g@mail.gmail.com>
From: Rick Casarez <rick.casarez@gmail.com>
To: Robert Raszuk <robert@raszuk.net>
Content-Type: multipart/alternative; boundary="001a11444ddeee554e0523de352b"
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/99Fj4ivSWRYxNUCpWz6SWMVHLx8>
X-Mailman-Approved-At: Fri, 06 Nov 2015 12:46:18 -0800
Cc: idr wg list <idr@ietf.org>, "grow@ietf.org" <GROW@ietf.org>
Subject: Re: [Idr] [GROW] draft-mauch-bgp-reject
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2015 12:16:22 -0000
This is interesting since it is definitely a best common practice for operators to do points 1 and 3 on your list. Is the intention of this document to enforce a BCP by allowing operators to point to a draft/RFC or did you want to change how BGP works? If you just want to document a BCP in draft form (eventually RFC) to use it as a mechanism to force vendors to change their BGP code/daemons it might work. Some vendors will have no issue conforming or adding it to their road map. Although most can point to the fact it is really just a BCP draft and ignore it unless there is a big surge in demand for conformance from their customers. After all we all know some vendors who do not conform to RFCs. If you want to change how BGP is implemented, and be able to more forcefully push this change to vendors, then Robert is correct and 4271 would need to be updated. So I guess I would ask you: which way did you want to go? >>Software MUST provide protection from internal failures preventing the advertisement and acceptance of routes >"Vendor software will actually fail-open and not honor the configured policy. I’d like to try and capture this case as implementation guidance to prevent damage to the global internet." So let me ensure I understand this correctly. The point of this draft is to protect the internet at large by ensuring policies are always in place. So what you are saying is vendors should never fail-open correct? ------------------- Cheers, Rick Experiences not things. On Thu, Nov 5, 2015 at 4:38 AM, Robert Raszuk <robert@raszuk.net> wrote: > Hi Jared, > > If you are up to fail-open on restart (I guess this is what you mean by > "internal-failures") and in fact in general regarding your entire draft IMO > the only way to really enforce anything of that scope is to update 4271 > with the new eBGP rules and state machine. > > Otherwise I do not believe that BCP will be out of the sudden honored by > vendors. Also I do not think it will be justified to be accept globally as > an OS upgrade without such strong enforcement. > > Thx, > r. > > > >> > There is one item I don't understand here: >> > >> > o Software MUST provide protection from internal failures preventing >> > the advertisement and acceptance of routes >> > >> > what does that mean (in other words "more verbose explanation, please")? >> >> Vendor software will actually fail-open and not honor the configured >> policy. I’d like to try and capture this case as implementation guidance >> to prevent damage to the global internet. >> >> - Jared >> _______________________________________________ >> Idr mailing list >> Idr@ietf.org >> https://www.ietf.org/mailman/listinfo/idr >> > > > _______________________________________________ > GROW mailing list > GROW@ietf.org > https://www.ietf.org/mailman/listinfo/grow > >
- [Idr] draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] draft-mauch-bgp-reject Jeff Tantsura
- Re: [Idr] draft-mauch-bgp-reject Job Snijders
- Re: [Idr] draft-mauch-bgp-reject Russ White
- Re: [Idr] draft-mauch-bgp-reject Shane Amante
- Re: [Idr] draft-mauch-bgp-reject Christopher Morrow
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject Shane Amante
- Re: [Idr] draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] draft-mauch-bgp-reject Dorian Kim
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject Jared Mauch
- [Idr] NO_EXPORT Re: draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] draft-mauch-bgp-reject Jon Mitchell
- Re: [Idr] draft-mauch-bgp-reject Christopher Morrow
- Re: [Idr] draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] draft-mauch-bgp-reject Job Snijders
- Re: [Idr] draft-mauch-bgp-reject Thomas Mangin
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject Job Snijders
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject Job Snijders
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject Job Snijders
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject Jon Mitchell
- Re: [Idr] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] draft-mauch-bgp-reject George, Wes
- [Idr] draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] draft-mauch-bgp-reject Susan Hares
- Re: [Idr] [GROW] draft-mauch-bgp-reject Gert Doering
- Re: [Idr] [GROW] draft-mauch-bgp-reject Nick Hilliard
- Re: [Idr] [GROW] draft-mauch-bgp-reject Jon Mitchell
- Re: [Idr] [GROW] draft-mauch-bgp-reject Jared Mauch
- Re: [Idr] [GROW] draft-mauch-bgp-reject Robert Raszuk
- Re: [Idr] [GROW] draft-mauch-bgp-reject Gert Doering
- Re: [Idr] [GROW] draft-mauch-bgp-reject Gert Doering
- Re: [Idr] [GROW] draft-mauch-bgp-reject Rick Casarez
- Re: [Idr] [GROW] draft-mauch-bgp-reject Rick Casarez