Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard
Jeffrey Haas <jhaas@pfrc.org> Tue, 25 April 2017 22:03 UTC
Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B45F1275AB for <idr@ietfa.amsl.com>; Tue, 25 Apr 2017 15:03:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YZkQuhuZ5P2N for <idr@ietfa.amsl.com>; Tue, 25 Apr 2017 15:03:45 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 43350128BB6 for <idr@ietf.org>; Tue, 25 Apr 2017 15:03:45 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id AC2F71E358; Tue, 25 Apr 2017 18:11:04 -0400 (EDT)
Date: Tue, 25 Apr 2017 18:11:04 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: Jared Mauch <jared@puck.nether.net>
Cc: idr@ietf.org, "Alvaro Retana (aretana)" <aretana@cisco.com>
Message-ID: <20170425221104.GS30063@pfrc.org>
References: <D4E812E8-AA7B-4EA2-A0AC-034AA8922306@juniper.net> <9047A5A0-ED12-43C2-B2C5-D2A71CBB4373@arrcus.com> <D51D46A7.A9732%acee@cisco.com> <0A49219D-E721-4DA8-B9BF-A55C2FA36FBE@puck.nether.net> <D95C67A4-AEBF-400B-A360-61C342FD6E4A@arrcus.com> <CA+b+ER=hq0=JNRfF8VA76_aqeRMBCeyQm5aTbapysXGTgaGS_g@mail.gmail.com> <50353B76-1323-4828-88D6-25954DA1E344@puck.nether.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <50353B76-1323-4828-88D6-25954DA1E344@puck.nether.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/NmMdZuKL-qjbmQU6IpYxhGvkeJY>
Subject: Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Apr 2017 22:03:47 -0000
[I'm picking on this specific message to make my points.] On Thu, Apr 20, 2017 at 09:40:13AM -0400, Jared Mauch wrote: > > > On Apr 19, 2017, at 6:26 PM, Robert Raszuk <robert@raszuk.net> wrote: > > > > Keyur, > > > > You can not set "insecure mode" before you reload the OS as current OS does not have such knob. Unless you delay the deployment across N releases and enforce sequenced upgrade. > > Infact, this is the recommendation that I’ve provided to vendors that have expressed concerns. There are many defaults that have not always been displayed, but things like IOS have “show run all” so you can see these. > > Something like the ‘bgp unsafe-ebgp-policy’ could be generated on their respective implementations. I didn’t think that GROW/IDR needed to tell implementors this level of how to manage their release, so this does seem somewhat out of scope, but a concern I can see needs to be thought about. My own thoughts on this draft haven't really changed since my original comments at the microphone and in the halls after grow when it was introduced: - I'm supportive of this idea. Safe by default is significantly better than unsafe by default. - Moving to this as a new behavior will be extremely painful. The word I've used internally has been "excruciating". The tenor of this thread has really taken a disservice by conflating the "this is a good idea" and the "we're going to make long-standing implementations non-conformant" via the document status bludgeon. The latter isn't the fault of the document authors, but it's where I think we took a wrong turn. My personal recommendation is, presuming Alvaro and the IESG can live with the particular bending of the meaning of BCP, that we go for that status. This thread has generated a lot of good ideas about how to mitigate the pain of moving existing implementations to support this practice. It'd be good if we summarize those some place. Perhaps that place should be in the RFC-to-be. That said, even with some of the techniques involved, implementors will take considerable pain in making these changes. Defaults do change. Impacted operators get cranky with them and they cause outages. Sane developers do not tend to want to be the one tagged as responsible for the change because the hate mail in the form of bug reports, regressions, broken tests that comes back to them. :-) I'm not the most sane of our developers and I've been spending time since this was originally proposed in grow to allow such a change in our implementation and mitigate the results. The change is easy, the mitigation is not. And even I'm sensitive to how much pain this will be. I dare say my operator friends can't buy me quite enough beer to make it "easy". But it's worth continuing the conversation. -- Jeff
- [Idr] IETF LC for IDR-ish document <draft-ietf-gr… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Acee Lindem (acee)
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Keyur Patel
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Acee Lindem (acee)
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Acee Lindem (acee)
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Keyur Patel
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jeff Tantsura
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Brian Dickson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… i3D.net - Martijn Schmidt
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Dickinson, Ian
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Tony Przygienda
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Brian Dickson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Alvaro Retana (aretana)
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Tony Przygienda
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Eric C Rosen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Eric C Rosen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Eric C Rosen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Eric C Rosen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Nick Hilliard
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jay Borkenhagen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… t.petch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Brian Dickson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Christopher Morrow
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Christopher Morrow
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Christopher Morrow
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Nick Hilliard
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… bruno.decraene
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… t.petch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jeffrey Haas
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Greg Hankins
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jeffrey Haas
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jeffrey Haas
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Christopher Morrow
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Gert Doering
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jeffrey Haas
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jeffrey Haas
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Warren Kumari
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Brian Dickson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Alexander Azimov
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Joe Provo
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Warren Kumari
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Joe Provo
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Christopher Morrow
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Randy Bush
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Randy Bush
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Brian Dickson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Randy Bush
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Randy Bush
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Job Snijders
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jared Mauch
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Warren Kumari
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Enke Chen
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Brian Dickson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jakob Heitz (jheitz)
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Jakob Heitz (jheitz)
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Robert Raszuk
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Mikael Abrahamsson
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… Alexander Azimov
- Re: [Idr] IETF LC for IDR-ish document <draft-iet… John G. Scudder