Re: [Idr] new ID on expansion of private use ASN range

[Christopher Morrow <morrowc.lists@gmail.com>]

On Tue, Jul 3, 2012 at 11:54 AM, Robert Raszuk <robert@raszuk.net> wrote:
> Jon,
>
> The point I am making is that you no always have full control on what
> private AS your customer chooses to use.
>
> If you use private AS within your domain there is risk that you would end up
> using the same AS number as your customers - so all tricks like private AS
> stripping, allowas-in or as-override would still need to be applied.
>

isn't the case of 'give customers an ASN to peer with us in more than
one location' just: RFC2270
why would you pollute your RIB and your configs with private-asn when
a public is available for this? (or a reason to get a public is
available for this).

> And once you apply it once you better apply it everywhere as non uniform
> configuration which does not follow templates is the worst NOC nightmare.

yes, less complex config, win.

> That is no matter how many private ASes are in the pool.
>

right, because you used 2270 and a public asn.
(sorry for hijacking)
-chris

> I am bringing SOO as an example as this is single time configuration when
> you establish eBGP session to a given site to see what would be missing to
> realize your objective. The main difference is that you have full control
> over SOO value.
>
>
>> [JM]  Robert - are you are saying you do not support the draft
>
> No - however seeing comments from others I am getting less and less keen on
> it - more towards being just neutral. Clearly just reserving the pool does
> no harm to anyone ;-)
>
> Rgs,
> R.
>
>
>
>> [JM] Inline..
>>
>> On Tue, Jul 03, 2012 at 05:08:38PM +0200, Robert Raszuk wrote:
>>>
>>> Jon,
>>>
>>>> I don't expect this draft to fix/change every
>>>> situation where AS_PATH manipulation hacks are used, but it should
>>>> reduce the ones where they are used for communication within one
>>>> administrative domain that can allocate their own numbering yet the
>>>> number of sites exceeds 1022.
>>>
>>>
>>> How about if each of such internal site uses the same *single*
>>> private AS number and you perform loop detection/troubleshooting by
>>> use of SOO extended community ?
>>>
>>> It is local to you to assign it's value (6 octets seems wide enough)
>>> and it has been already widely implemented.
>>
>>
>> [JM]  Robert - are you are saying you do not support the draft as I can
>> use hacks/workarounds such as allow-as-in or as-override in conjunction
>> with site of origin to add loop detection or am I misunderstanding your
>> suggestion?  What if I want to use BGP as designed for AS_PATH loop
>> detection and be able to do standard troubleshooting/filtering based on
>> AS_PATH and not worry about (mis-)configuration of soo?   Why not have a
>> range of private ASNs large enough to support internal networking
>> requirements of organizations w/o the use of more and more features?
>>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>>
>>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr