Re: [Idr] New BGP capability to advertise running daemon version

"Susan Hares" <shares@ndzh.com> Wed, 07 August 2019 15:34 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A690120396 for <idr@ietfa.amsl.com>; Wed, 7 Aug 2019 08:34:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.949
X-Spam-Level:
X-Spam-Status: No, score=0.949 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L1XdfWMkFRaj for <idr@ietfa.amsl.com>; Wed, 7 Aug 2019 08:34:17 -0700 (PDT)
Received: from hickoryhill-consulting.com (50-245-122-100-static.hfc.comcastbusiness.net [50.245.122.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCEB6120393 for <idr@ietf.org>; Wed, 7 Aug 2019 08:34:16 -0700 (PDT)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=97.112.26.170;
From: "Susan Hares" <shares@ndzh.com>
To: "'Job Snijders'" <job@ntt.net>, "'Robert Raszuk'" <robert@raszuk.net>
Cc: <idr@ietf.org>
References: <CAPF+HwV3EEUza3FyiXsd_oSkj80OwY-tE2DgFWnynq1FL2tLHg@mail.gmail.com> <015d56c13d01436890da2b8a7179fac9@turkcell.com.tr> <CAPF+HwV2Df6qcRD+GrE_JFv8W5Yh3OACKZrdv1Bw4PXQbjtDyQ@mail.gmail.com> <20190802150251.GA11217@pfrc.org> <CACWOCC_J6-wMWx7KL2dza5A77KFnoabMt7oAY-xhsGb8Vf3O5w@mail.gmail.com> <CAOj+MMFL7FVciSx1NyCp9zCPXZeRtNn4J-O1vS8btg96ZbDRuA@mail.gmail.com> <CACWOCC_+X2bVWa3iFmb6eQ8FVvvn98h_B12HVVundcqCsd+-Lw@mail.gmail.com>
In-Reply-To: <CACWOCC_+X2bVWa3iFmb6eQ8FVvvn98h_B12HVVundcqCsd+-Lw@mail.gmail.com>
Date: Wed, 7 Aug 2019 11:34:05 -0400
Message-ID: <015901d54d35$8cb44ed0$a61cec70$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_015A_01D54D14.05A742B0"
X-Mailer: Microsoft Outlook 14.0
Content-Language: en-us
Thread-Index: AQGHHUFXsNXESvgLKN7qzs5kGLaZSAGTgg1eAY3ubK8B6SE7VQI8+owCAcKpOH4ByGAyA6c1m4Qw
X-Antivirus: AVG (VPS 190807-0, 08/07/2019), Outbound message
X-Antivirus-Status: Not-Tested
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/RmObg6bEhwbs2BEy-l5CnDBKPbc>
Subject: Re: [Idr] New BGP capability to advertise running daemon version
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2019 15:34:18 -0000

Job and Robert: 

 

If you wish to pick draft-ietf-idr-opertional-messages-00.txt , just resubmit with a new version.  

 

If you have 2 implementations, we can push this quickly toward publication. 

 

Sue 

 

 

From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Job Snijders
Sent: Friday, August 2, 2019 11:21 AM
To: Robert Raszuk
Cc: idr@ietf.org
Subject: Re: [Idr] New BGP capability to advertise running daemon version

 

Perhaps this work should be picked up again. 

 

On Sat, Aug 3, 2019 at 00:19 Robert Raszuk <robert@raszuk.net> wrote:

Hi,

 

Just to refresh memory there is an active WG document precisely describing how to carry such information between BGP peers. It is called BGP Operational Message

 

https://tools.ietf.org/html/draft-ietf-idr-operational-message-00 

 

The ADVISE TLV there section 3.4.1 and 4 are proposed with the very same intention as this discussion is targeting. 

 

Due to no customer push vendors have not implemented it yet. So the draft is just hanging waiting for implementations.  

 

I think if there is some new interest please consider to review the linked WG doc and possibly augment it with missing elements. 

 

Use of BGP capabilities in current state of implementation of bgp dynamic capabilities is really not the right messaging vehicle here. 

 

Thx,

R.

 

On Fri, Aug 2, 2019 at 11:09 AM Job Snijders <job@ntt.net> wrote:

Right now operators use the peer’s MAC address and certain TCP behaviorism (nmap -O) to attempt to conclude what the remote side might be in case of issues. 

 

I see value in having this on by default. Security through obscurity isn’t the best defense anyway. I’m assuming a degree of trust exists anyway, why else set up a BGP session in the first place?

 

I think there are valid use cases, i think it is worthwhile exploring how to implement this concept.

 

Kind regards,

 

Job

_______________________________________________
Idr mailing list
Idr@ietf.org
https://www.ietf.org/mailman/listinfo/idr