Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard

<> Tue, 25 April 2017 07:20 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5DAD6128768 for <>; Tue, 25 Apr 2017 00:20:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.618
X-Spam-Status: No, score=-2.618 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id qz0JmdmXO6cj for <>; Tue, 25 Apr 2017 00:20:45 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3198812708C for <>; Tue, 25 Apr 2017 00:20:45 -0700 (PDT)
Received: from (unknown [xx.xx.xx.8]) by (ESMTP service) with ESMTP id AB2EC602A5; Tue, 25 Apr 2017 09:20:43 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.42]) by (ESMTP service) with ESMTP id 7955780072; Tue, 25 Apr 2017 09:20:43 +0200 (CEST)
Received: from OPEXCLILM21.corporate.adroot.infra.ftgroup ([fe80::e92a:c932:907e:8f06]) by OPEXCLILM41.corporate.adroot.infra.ftgroup ([fe80::c845:f762:8997:ec86%19]) with mapi id 14.03.0319.002; Tue, 25 Apr 2017 09:20:43 +0200
To: Christopher Morrow <>
CC: Keyur Patel <>, Hares Susan <>, "" <>, Robert Raszuk <>
Thread-Topic: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard
Thread-Index: AQHSvSxa7FfrXgMKmU+OEgrGuKcw4aHVq/nQ
Date: Tue, 25 Apr 2017 07:20:42 +0000
Message-ID: <6081_1493104843_58FEF8CB_6081_2377_1_53C29892C857584299CBF5D05346208A31CCAC9C@OPEXCLILM21.corporate.adroot.infra.ftgroup>
References: <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_53C29892C857584299CBF5D05346208A31CCAC9COPEXCLILM21corp_"
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 25 Apr 2017 07:20:49 -0000

Hi Christopher,

Please see inline [Bruno]

From: Christopher Morrow Sent: Monday, April 24, 2017 8:56 PM

(catching up from ... not reading a 100 message thread)

On Wed, Apr 19, 2017 at 6:26 PM, Robert Raszuk <<>> wrote:

You can not set "insecure mode" before you reload the OS as current OS does not have such knob. Unless you delay the deployment across N releases and enforce sequenced upgrade.

isn't this a well known, common practice for software upgrades though?

1) is this software fixing something broken? (or necessary for some feature we need)
2) does the OS boot/load on a lab/test device (don't laugh, often this fails!)
3) does the current golden config for this sort of device load on new OS?
4) does expected behavior for device continue to be in effect?
5) are there configuration changes required to get back to the proper operating state?

I think for a bunch of software upgrades 'make configlet changes' is required, so ... this doesn't seem out of scope for normal ops work.
[Bruno] The acceptability may be different, depending on whether the config change is required to enable a feature that you want to enable, or is imposed to you with no benefit in your deployment case.

The only way to prevent massive reachability failure upon reload due to complete silent bgp prefix drop is to configure inbound policy for all EBGP sessions before the reload and run with new image.

Of course this is all assuming that someone will read carefully the release notes :)

and test before loading on their whole network of revenue relevant infrastructure.

If they do not the troubleshooting of this will be really painful ! CE will see EBGP session as UP, will get all the routes and will send his routes. CE will have no clue if PE dropped or accepted his routes. Likewise on the other end .. Only imagine a network which has 10s of thousands of VPN CEs as Bruno mentioned and their provider not following all releases CEs are running.

it's concerning that people have networks with no filtering/conditioning/etc on their bgp sessions...
- I guess you meant EBGP sessions. Even probably EBGP sessions between administrative boundaries, while there are EBGP sessions within administrative boundaries. This document does not seem to make the latter distinction.
- The context of the comment was about VPN. P stands for private, where the network operator is paid to provide transparent IP network. Filtering is not that transparent, in particular in the middle of the customer network. Typically, the config includes a safeguard policy to limit the number of prefixes accepted from the EBGP session (to protect from overloading routers) but such policy does not seem to count as “import policy” from this draft.

At least doing it as part of OPEN msg will be immediately indicated to both ends.


On Thu, Apr 20, 2017 at 12:16 AM, Keyur Patel <<>> wrote:
And that would be good enough if that would allow exemptions of DC networks and any other networks that may need exemption.

In that case I support the publication.


On 4/19/17, 2:08 PM, "Jared Mauch" <<>> wrote:

    If someone sets insecure mode they can  e as promiscuous as they want.

    That mode can have a very low bar IMO.

    Jared Mauch

    > On Apr 19, 2017, at 4:58 PM, Acee Lindem (acee) <<>> wrote:
    > I would agree with Keyur, For better or worse, our Cisco NX-OS BGP
    > implementation does not require configuration of a peer policy.
    > In fact, this requirement is contrary to some of the auto-discovery
    > mechanisms we are exploring where only knowledge of the mutual address
    > families is required.
    > Thanks,
    > Acee
    > On 4/19/17, 4:43 PM, "Idr on behalf of Keyur Patel" <<>
    > on behalf of<>> wrote:
    >> Thank you John for bringing it on IDR.
    >> As an update to RFC4271, I am not sure if I agree with the EBGP policy
    >> configuration. There are lot of DC networks (for example) that use EBGP
    >> within their CLOS. This extension may not be applicable in such networks.
    >> I would request authors to consider refining text to include appropriate
    >> EBGP use cases and not make it generic for EBGP sessions (defined in
    >> 4271).
    >> Regards,
    >> Keyur
    >> On 4/19/17, 9:49 AM, "Idr on behalf of John G. Scudder"
    >> <<> on behalf of<>> wrote:
    >>   IDR folks,
    >>   As many of you have already noticed, draft-ietf-grow-bgp-reject-05
    >> has completed GROW WGLC and is now in IETF LC.
    >>   As nobody other than Alvaro noticed (thank you for noticing, Alvaro!)
    >> draft-ietf-grow-bgp-reject-05 represents an update to RFC 4271, in that
    >> it mandates what a BGP implementation MUST do. See section 2 of the draft
    >> for the details. It's short and easy to read.
    >>   If we had noticed this earlier, we would have either chosen to home
    >> the document in IDR, or explicitly made an exception to have GROW do the
    >> work. Given that we didn't, though, the plan is to continue progressing
    >> the draft as a GROW document. However:
    >>   - As I understand it, the authors will add the Updates: 4271 header
    >> in addition to potentially taking in other comments from AD review.
    >>   - If anyone has a strong objection to the unusual procedure, please
    >> say so (either on-list, or to the chairs + AD).
    >>   - Please send any last call comments to the IETF LC (see below)
    >> although it's also OK to discuss here on the IDR list of course.
    >>   Many IDR participants are also active in GROW and have had their say,
    >> but if you haven't, now's your chance.
    >>   Thanks,
    >>   --John
    >>> Begin forwarded message:
    >>> From: The IESG <<>>
    >>> Subject: Last Call: <draft-ietf-grow-bgp-reject-05.txt> (Default
    >> EBGP Route Propagation Behavior Without Policies) to Proposed Standard
    >>> Date: April 18, 2017 at 5:16:05 PM EDT
    >>> To: "IETF-Announce" <<>>
    >>> Cc:<>,<>,
    >>> Reply-To:<>
    >>> The IESG has received a request from the Global Routing Operations
    >> WG
    >>> (grow) to consider the following document:
    >>> - 'Default EBGP Route Propagation Behavior Without Policies'
    >>> <draft-ietf-grow-bgp-reject-05.txt> as Proposed Standard
    >>> The IESG plans to make a decision in the next few weeks, and
    >> solicits
    >>> final comments on this action. Please send substantive comments to
    >> the
    >>><> mailing lists by 2017-05-02. Exceptionally, comments
    >> may be
    >>> sent to<> instead. In either case, please retain the
    >>> beginning of the Subject line to allow automated sorting.
    >>> Abstract
    >>> This document defines the default behavior of a BGP speaker when
    >>> there is no import or export policy associated with an External BGP
    >>> session.
    >>> The file can be obtained via
    >>> IESG discussion can be tracked via
    >>> This IETF LC, which originally concluded on 2017-04-18, is being
    >>> extended to allow for additional input to be provided. Ops AD (for
    >> GROW)
    >>> and Routing AD (for IDR) wish to ensure that cross WG discussions
    >> have
    >>> had a chance to occur.
    >>> No IPR declarations have been submitted directly on this I-D.
    >>   _______________________________________________
    >>   Idr mailing list
    >> _______________________________________________
    >> Idr mailing list
    > _______________________________________________
    > Idr mailing list

Idr mailing list<>

Idr mailing list<>


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.