Re: [Idr] WGLC on draft-ietf-idr-as-private-reservation-00

David Farmer <farmer@umn.edu> Thu, 20 December 2012 15:04 UTC


I know the last call is over, so ignore this if you wish. However, I've
been thinking about the issue of filtering private ASNs throughout the
discussion, but I hadn't identified what was bugging me until now.

Here are a couple of quotes for some context:

On 11/29/12 13:10 , Jon Mitchell wrote:
> Any network can filter private ASNs as well as various other types of
> ASNs on ingress that they do not want to not accept/propagate.  This
> draft will have no impact on whether people tend to do that correctly or
> not in my opinion.  Folks who have no use for more than a thousand
> internal use ASNs today are not likely to use this new range.

On 11/30/12 14:15 , Brian Dickson wrote:
> If you see it on the Public Internet, it does not belong and can be
> ignored safely, and should not be propagated to one's Internet
> peers/customers.

But several others have made similar comments as well.

This is basically covered in Section 3 "Operational Considerations" in
the draft.  Here is what it says now:

    If private use ASNs are used and prefixes are originated from these
    private use ASNs which are destined to the Internet, private use ASNs
    must be removed from the AS_PATH before being advertised to the
    global Internet.  Operators are cautioned to ensure any filters or
    implementation specific features that recognize private use ASNs have
    been updated to recognize both ranges prior to making use of the
    newer, numerically higher range of private use ASNs.

I like that this says "private use ASNs must be removed from the AS_PATH 
before being advertised to the global Internet."  However, it finally 
hit me that in the quotes above, and in others as well, we have said "if 
you see private use ASNs on the global Internet you can filter them." 
But, this is only implied by the text in section 3, not explicitly 
stated.  So, I suggest that section 3 also explicitly state that 
operators may filter private use ASNs they receive from the global 
Internet.

So here is some suggested text.

    Operators may drop or disregard any prefix received from the global
    Internet that is originated from or that contains a private use ASN
    in the AS_PATH.  This may result in unpredictable connectivity for
    any prefix originated from or containing a private use ASN in the
    AS_PATH.  Therefore, all operators using private use ASNs to
    originate prefixes or passing an AS_PATH that contains private use
    ASNs to the global Internet, must remove all private use ASNs from
    the AS_PATH before being advertised to the global Internet.
    Furthermore, operators are cautioned to ensure any filters or
    implementation specific features that recognize private use ASNs
    have been updated to recognize both ranges prior to making use of
    the newer, numerically higher range of private use ASNs.

Again, the intent of the change is to explicitly state that operators can
filter any prefixes received from the global Internet that use private
use ASNs, in addition to stating you must not send them to the global
Internet in the first place.

Thanks

-- 
================================================
David Farmer               Email: farmer@umn.edu
Office of Information Technology
University of Minnesota
2218 University Ave SE     Phone: 1-612-626-0815
Minneapolis, MN 55414-3029  Cell: 1-612-812-9952
================================================
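
The ingress filtering and egress stripping discussed in the message above, as an added Python example (not part of the original message or the draft). It also shows what a filter that knows only the older range lets through. The numeric ranges are those published in RFC 6996, which the page does not state; the function names and sample routes are constructed for illustration.

```python
import re

# Private use ranges as published in RFC 6996 (assumption: not stated on the page).
LEGACY_RANGE = (64512, 65534)            # older 16-bit private use range
NEW_RANGE = (4200000000, 4294967294)     # newer, numerically higher range
BOTH_RANGES = (LEGACY_RANGE, NEW_RANGE)

# Constructed sample routes (documentation prefixes and ASNs), not real data.
ROUTES = [
    ("192.0.2.0/24", "64496 64497"),                  # no private use ASN
    ("198.51.100.0/24", "64496 65001"),               # older range at the origin
    ("203.0.113.0/24", "64496 4200000001"),           # newer range at the origin
    ("2001:db8::/32", "64496 {64497,64086.59905}"),   # newer range, asdot, in an AS_SET
]


def parse_as_path(text):
    """Return every ASN in a textual AS_PATH, AS_SET members included.

    Accepts asplain ("4200000001") and asdot ("64086.59905") notation.
    """
    asns = []
    for token in re.findall(r"\d+(?:\.\d+)?", text):
        if "." in token:
            high, low = (int(part) for part in token.split("."))
            asns.append(high * 65536 + low)
        else:
            asns.append(int(token))
    return asns


def is_private(asn, ranges=BOTH_RANGES):
    return any(low <= asn <= high for low, high in ranges)


def ingress_filter(routes, ranges=BOTH_RANGES):
    """Split routes from an Internet peer into (accepted, dropped) prefixes."""
    accepted, dropped = [], []
    for prefix, as_path in routes:
        has_private = any(is_private(a, ranges) for a in parse_as_path(as_path))
        (dropped if has_private else accepted).append(prefix)
    return accepted, dropped


def strip_for_egress(as_path, ranges=BOTH_RANGES):
    """Remove private use ASNs from an AS_PATH before advertising it."""
    return [a for a in parse_as_path(as_path) if not is_private(a, ranges)]
```

Calling `ingress_filter(ROUTES, ranges=(LEGACY_RANGE,))` models a filter that was never updated for the newer range, which is the case the draft's Section 3 cautions operators about.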