Re: [Idr] Vendor Defaults (was Re: Review of draft-ietf-large-community-06.txt)

Robert Raszuk <robert@raszuk.net> Mon, 07 November 2016 00:12 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0EDF1299A1 for <idr@ietfa.amsl.com>; Sun, 6 Nov 2016 16:12:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TdgFhQ2eXtkY for <idr@ietfa.amsl.com>; Sun, 6 Nov 2016 16:12:21 -0800 (PST)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E09A12999E for <idr@ietf.org>; Sun, 6 Nov 2016 16:12:21 -0800 (PST)
Received: by mail-wm0-x235.google.com with SMTP id t79so147692518wmt.0 for <idr@ietf.org>; Sun, 06 Nov 2016 16:12:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=41yUUKcsWF58yvTYe6C/AeQZmehyH+qvR9Gd1TSUwwo=; b=0fnYV/EUHVL3nQpXcDXs3ss8qpZbjKe7/Bazxbx/DLkZr38NIdKufL0jMcQeujqJpU 2SZgE1wFVbsEJBH5cYgt4zLzi1vxuZ/IkFgUAs1HFj1yfHiR8oYRvofmWOqfju7G098o F/aH4Q15zNDa3qNx5/Gve/QmzSKwE0R/8tZHym+Z12FzgDg0AGY6sdxrUksFb/R7+syR rND8Jby/zd7TygT+msdRGTg1KGyBwir4+SfsNWXVDOxK+abKTPc9+FokiX6ozdIxLRe2 OFplUza+Ktlc4j1yuQxkqFWQn6bcHidMXfejBO7vzBlXZ75xz90mv8tADGfrD99V6iaC W/nQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=41yUUKcsWF58yvTYe6C/AeQZmehyH+qvR9Gd1TSUwwo=; b=NFCfLQts/NY9RgaaTipbu3AaJzUDTceJZlyNG9h/+24cXLnDD7zXQrGDWrYnsKnzAh BJ9Kd71wBUppf0OT57tkCMpTYbveN4Tpek9gF+PX/Hh5cZbLwb/67zdRcvBIvSUMHEBL IHybUAoA0tuaYml1nO6mw31RY032qjDyVk0IpgrtUUVEMZLJ513/UYDxB7DgRVIvnRvy bqiRP3nCe7P1a5y/EbyFOcbD6Uc1VOC+o7V0mnnMSeKTQxRuCa+GvDukIgVWpuFls0ff shRPRRpr/cQYDFf9Jzm0bUSAgnsDMw5OTWdGLCAFLIvDbQPdx6cAxyQ2hxT4CBFCVlOs KeIQ==
X-Gm-Message-State: ABUngvf2W80MYmdjDUgUkXCGoIQcMtSprQSUOqiRTY7RWPLSYe1tyV6b2uERG5LaVey+LTM1Cy7xKBk+MSukgw==
X-Received: by 10.28.210.195 with SMTP id j186mr6079887wmg.73.1478477539953; Sun, 06 Nov 2016 16:12:19 -0800 (PST)
MIME-Version: 1.0
Sender: rraszuk@gmail.com
Received: by 10.80.137.69 with HTTP; Sun, 6 Nov 2016 16:12:18 -0800 (PST)
In-Reply-To: <C2C26B2F-75A0-49FB-B947-4B957611A23E@cisco.com>
References: <CAH1iCiq6jNtnkta0Bt952EQ9zOKSGt=_cCySsT5XuOKuHYO2nQ@mail.gmail.com> <86860386-9C2B-4BD5-B457-2A6DA5446CF3@cisco.com> <17E646EF-4633-423B-9AC4-B53D49C90632@gmail.com> <6CAFC026-6102-42BF-97FA-779457D84ECE@cisco.com> <CA+b+ERm5VVz520OhgXYTFOt9_M6_=MHLE9M-=1T+wnfw7RY83Q@mail.gmail.com> <C2C26B2F-75A0-49FB-B947-4B957611A23E@cisco.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 7 Nov 2016 01:12:18 +0100
X-Google-Sender-Auth: hTpvCeZF2zi04yShHP-GDVXeh3w
Message-ID: <CA+b+ERkieHXpXQxjGnU+dGAz2nbNzWb6DxHG6vB7X5bp9VD3+Q@mail.gmail.com>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
Content-Type: multipart/alternative; boundary=001a11468e1493d1850540aae0e5
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/EgJ3C3K5SUEkkXdHG6-jzGiEV5Y>
Cc: "idr@ietf.org" <idr@ietf.org>
Subject: Re: [Idr] Vendor Defaults (was Re: Review of draft-ietf-large-community-06.txt)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Nov 2016 00:12:24 -0000

Isn't the main motivation of LC to avoid overloading the target ASN with
private ASN values to embed the action ?

Besides both are applicable to their directly connected customers so really
regardless of the default those should be dropped by policy after
execution/application.

Thanks,
R.

On Mon, Nov 7, 2016 at 1:04 AM, Jakob Heitz (jheitz) <jheitz@cisco.com>
wrote:

> An example of unintended routing:
> Both AS2914 and AS49544 use the private ASN 65501 to prepend one time.
> If a route using 65501 in the community traverses both these ASes, then
> each AS will prepend, resulting in (likely unintended) double prepending.
> https://onestep.net/communities/as2914/
> https://onestep.net/communities/as49544/
>
> Thanks,
> Jakob.
>
>
> On Nov 6, 2016, at 3:30 PM, Robert Raszuk <robert@raszuk.net> wrote:
>
> Hi Jakob,
>
> Very fair and good summary !
>
> One question: What is "unintended routing" ? Are you alluding to "churn"
> If so pls see my reply to previous post.
>
> Just to reiterate ... I do recommend that whatever option gets more
> support it should be spelled out in the Large Community RFC such that all
> implementations can be consistent.
>
> Best,
> Robert
>
>
> On Mon, Nov 7, 2016 at 12:25 AM, Jakob Heitz (jheitz) <jheitz@cisco.com>
> wrote:
>
>> The question:
>> Should Large Communities be transmitted across EBGP by default?
>>
>> Note: there is a knob to change the default, so the discussion is how to
>> act with the knob unconfigured.
>>
>> Arguments to block:
>> 1. Principle of least surprise: Do same as 1997.
>> 2. Accidental leakage of internally used communities will cause
>> unintended routing.
>>
>> Arguments to pass:
>> 1. Legacy code will pass it, because the attribute is transitive. Upgrade
>> to LC aware code should do the same by default.
>> 2. It is convenient to pass a community through your first level transit
>> to fix a problem further upstream. A default block frustrates this effort.
>>
>> The problem of accidental leakage is greater with 1997 communities,
>> because many ISPs use private ASNs. This is as problem if a community
>> intended for a distant ISP is interpreted by a near ISP when they use the
>> same private ASN. This problem SHOULD disappear with Large Communities,
>> because the need to use private ASNs no longer exists.
>>
>> I would like to hear other arguments and gauge support for each case.
>>
>> Thanks,
>> Jakob.
>>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>