Re: [Idr] Choice of Large vs. Extended Community for Route Leaks Solution
"Jakob Heitz (jheitz)" <jheitz@cisco.com> Wed, 31 March 2021 18:03 UTC
Return-Path: <jheitz@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AB193A3025; Wed, 31 Mar 2021 11:03:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.918
X-Spam-Level:
X-Spam-Status: No, score=-11.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=dvZ+Mudb; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Xy35ygIC
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S78GIc4f6Lab; Wed, 31 Mar 2021 11:02:56 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 151D53A1BC3; Wed, 31 Mar 2021 11:02:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4673; q=dns/txt; s=iport; t=1617213776; x=1618423376; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=u42p3y3E580AvfeVbAaZU02KcSas6xyIhfHykWifyJg=; b=dvZ+Mudb8r38bLeLG/4BQF7Weu31e0R9Agt3nrZm/TOnuFBdlQV/mz6x DMYfhd55UUDPU8q01VKjNrjMXcQoKfWnn6Abto+wnZxwJ+BRiIVcz3nJX i5xzksoXDiJbChO0iVQs+O0HlrtsrWZtOK79Pwb6GflV7iFrSrZ7VGc/G w=;
X-IPAS-Result: A0DoAQDouGRgmJJdJa1aHAEBAQEBAQcBARIBAQQEAQFAgVCBUykofVo2MYgJA4U5iE0DgQmYLIJTA1QLAQEBDQEBKAoCBAEBgRYBgzkCgXsCJTgTAgMBAQEDAgMBAQEBAQUBAQECAQYEFAEBAQEBAQEBhjYNhkQBAQEEOgYBATcBCwQCAQgRBAEBHxAyHQgCBAENBQgMBQKCVgEqAYIqAy8BDqBFAooedYE0gwQBAQaBNwKDUxiCEwMGgTmCdoZig3ImHIFJQoESQ4FbSQcuPoJgAQEDgV2DSYIrgkpAKEMOAi9iB2soBggsD5AqV6kzCoMHiV2TMKRYlQuLYZImhQkCAgICBAUCDgEBBoFrIYFbcBWDJFAXAg1WjUkMDQmBAgEJgkKFFIVEAXM4AgYKAQEDCXyODQEB
IronPort-PHdr: A9a23:K5PrwxLg/0X9sHGWItmcuZcyDhhPgJ39IxIV55w7irlHbqWk+dH4M VfC4el25HfPXJ7Hrf1Dlbmev6PhXDkG5pCM+DAHfYdXXhAIwcMRg0Q7AcGDBEG6SZyibyEzE MlYElMw+Xa9PBtTGd3iIVLVvC764TsbAB6qMw1zK6z8EZLTiMLi0ee09tXTbgxEiSD7b6l1K UC9rB7asY8dho4xQps=
IronPort-HdrOrdr: A9a23:W0+mgats0y9+KZ05XPv+UNuC7skCB4cji2hD6mlwRA09T+WxrO rrtOgH1BPylTYaUGwhn9fFA6WbXXbA7/dOgLU5FYyJGC3ronGhIo0n14vtxDX8Bzbzn9Qy6Y 5JSII7MtH5CDFB4vrSyAOzH888hPyO9661jenTpk0dMj1CQYsI1XYfNi+wFEpqSA5aQb8wE5 SB7sRKzgDQB0g/RMK9G3UDQqz/vNXNjp3relorABQg5QmIg1qTmf/HOjKf2QoTVC4K/Kc6/Q H+4kLEz4iAk9X+8B/T0GfP849b8eGA9vJvDNGB4/JlUQnEpR2vYO1aKti/lRAz5Nqi8VM71O TLyi1QQ/hbz1P0UiWLrQD22w/muQxeq0PK7VODm3PsrYjYaVsBerB8rLlUeBfY9EYs1esUuM kgsg7p1Os0MTr6kCvw/NTOXR1x/3DE3EYKq/IZjHBUTOIlGdlshLEf509cHdMhGy/3+ekcYZ FTJfzc//pffBemaWnYtABUsaWRd0k0dy32JnQqi4iw6Xx7jXp5x0wXyIg0hXEb7q8wTJFC+q DtLrlovKsmdL5UUYtNQMM6BeenAG3ERhzBdEiIJ078Ka0BM3XR77bq/bQO4v2wcpBg9upxpL 3xFHdj8UIicUPnDsODmLdR9ArWfWm7VTPxjuZT+oZ+ob+5YLbwKyWMRBQPnqKb0rAiK/yef8 z2FINdAvflI2erM51OxRfCV55bLmRbX9YSvto9RlKSssPGIoDnrYXgAbHuDYuoNQxhdnL0A3 MFUjS2Dt5H9FqXVnjxhwWUW36FQD24wbtAVIzhu8QDwokEMYNB9iIPj06i282NITpe9qg/fE 50JqL7grq2zFPGpFrg3iFMAF5wH0xV6LLvXzdhvgkRKX75dr4FppGYYmBd3HyOIxdlVMPIGA tDp1B6kJjHa6C49GQHMZaKI2iah3wcqDahVJEHgJCO4s/jZ9clFJo8QbdwEg/KDhRxng5vpA 54GVc5b36aMgmrpbSujZQSCu2aSsJ1hx2zJ9VI7VjFs1+HmM0pTnwHfjKnXMKNmzwyTz5Mil AZyd5FvJOw3RKUbUo2mqARLUBFYmX/OsM2MC21IKFv3o3NVC41Z2GQnjCegww0YQPRhjUvr1 2kCzaVd/HNCkdaoVZC3M/RgQlJX1TYWV5sYXZntoA4MmLKth9IoLO2T5v29XeNYV0fxexYCh X5WH85JwNjwM3f7m/JpB+LCWgmypIyPubUEbQkdPXJ1mmwLZCT/Jt2bMN87dJrMsvjvfQMVv /acwiJLCngA+dswACNoG05URME5UUMgLft2Bf/6nK/02N6Cf3OIE5+T7VzGaDW00H0A/KJ2o 5+l9Q7oK+5NXjwcMePzeXSYyRYIh3e5W6wQOdAk+EfgYsi8L9yFYLcSz3GyTVO2wg/Nt79kA cGW7tgiYqxTLNHbogXYWZU71ApnNOAIA8itRH3GPY3eRUog2XAN92E7rLUodMUcwG8jRq1PU Pa/zxW/v/DUSfGz7IcBq4qKWldaUQ36h1Zjau/XpyVDB/ve/BI/VK8PHP4baRUT7KdH64M6h l9+NOFkoasBmXF8RGVuSE+JK1A82yqG5zvRA2NHPNF6Ny8NxCHhLCw7Mu6kTfwTn+6Zi0j9P l4XF1Vat4GjD8oyJAz2Gy1TKf8p0o+iVtQ4T19jDfWq8GbyXaeGVsDKBHTh5VdQCJaPXeJh9 nU6OTw7gWJ3BFVnZ3YUFpKdt5AG9IMXpH6IidnJ88XpqOp9cMU81N+SQZrCXU9hjD71/5n2r n82Oy6YZyRNUvV
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.81,293,1610409600"; d="scan'208";a="662777101"
Received: from rcdn-core-10.cisco.com ([173.37.93.146]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 31 Mar 2021 18:02:55 +0000
Received: from mail.cisco.com (xbe-rcd-007.cisco.com [173.37.102.22]) by rcdn-core-10.cisco.com (8.15.2/8.15.2) with ESMTPS id 12VI2sH1020472 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Wed, 31 Mar 2021 18:02:55 GMT
Received: from xfe-rcd-005.cisco.com (173.37.227.253) by xbe-rcd-007.cisco.com (173.37.102.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Wed, 31 Mar 2021 13:02:55 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xfe-rcd-005.cisco.com (173.37.227.253) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.792.3; Wed, 31 Mar 2021 13:02:54 -0500
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Wed, 31 Mar 2021 14:02:54 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oSkwxvEu8lZPSr4ZtTqK3cDmE/MmfZF2FoZhsZgbUpqmccAyjTFBdPqezV+I4FGsQg3IJwCTKXHnIQPGqHLJFt4NoR6FlLeQssYNATDzKhd7Gt3s5wtmIS1igzlmjdvzOtWGShmPPafBa9KfJ54rTltEBoeMJpT6Bv6+nfC54ZS9ZbLFPs+QkAzGTXtDT8nQFJb+H/3ewrD2VDW07XwOl9OEgLbmyaw0gECHbPG13ZO882ov2AJIKfU3OpWo4paJlkLDi/KizyZf5x5Zglw+YsyaWc6VcfDJ32dHhxZu2J9WHFO1K37gBzvq6J0d6kte6plm6feKdFVVbF/bzwR1cw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xPkeZtQsfXzqhKZ3Y0ct5zlrNk/vAi+ID58JqEwUIuM=; b=mM+m2tx7dUSSKSF5WAKzo0YDQ2ILx5jyqv5uGRsGIiBu26LPPU7fDOthoowcEaZ2MVi9Scj4q9iqafsO0pd1Ow6SgocyH9sbpZV/EQs5bz7Zc8qIH5/JYOTmWaEbN6lKsvR3NSa5ESh7JVu6P6vmIQ0jgo18MOMZ78CNsgQWdVtr0sUqFs0IgQ8Hnes0rUgCJzRKt66LjP6dYmG5PF6RW9nIwkyg4TQUYa9z5DmDZIL1W8FzQyNvfxkecbpyQgwjXBC0k/Z7cD6iNH70UnZy46vin6lqqPmKGIyEracxs9M+AzMDqn6Wi7bw8F6eVRRpokqZ40Mjl75iWxrRofaAfg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xPkeZtQsfXzqhKZ3Y0ct5zlrNk/vAi+ID58JqEwUIuM=; b=Xy35ygICWdacaxc/W+HgdIXCLrEEdh3yjGhoGvmp465dFAMtZQUc50OktuuF4vqJcW6RQni4cMu8c/E1mrn6vdqEx/u9sTAdYCI3Z5JinHS9HnzyKN0pbti9D+NM1ORxccWzCLqlte6J54E9GIL+oUleSaDPaeBZzRZ64TCBXV8=
Received: from BYAPR11MB3207.namprd11.prod.outlook.com (2603:10b6:a03:7c::14) by SJ0PR11MB5199.namprd11.prod.outlook.com (2603:10b6:a03:2dd::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3977.25; Wed, 31 Mar 2021 18:02:53 +0000
Received: from BYAPR11MB3207.namprd11.prod.outlook.com ([fe80::e084:727e:9608:11c7]) by BYAPR11MB3207.namprd11.prod.outlook.com ([fe80::e084:727e:9608:11c7%7]) with mapi id 15.20.3977.033; Wed, 31 Mar 2021 18:02:52 +0000
From: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
To: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>, Jeffrey Haas <jhaas@pfrc.org>
CC: Susan Hares <shares@ndzh.com>, "idr@ietf.org" <idr@ietf.org>, "grow@ietf.org" <grow@ietf.org>
Thread-Topic: [Idr] Choice of Large vs. Extended Community for Route Leaks Solution
Thread-Index: AQHXJjlK5mSz8dfqZEmidVsO6NqPaKqeRUIAgAABhvyAABlVkA==
Date: Wed, 31 Mar 2021 18:02:52 +0000
Message-ID: <BYAPR11MB3207EA9CAAAA0B1899404A3EC07C9@BYAPR11MB3207.namprd11.prod.outlook.com>
References: <SA1PR09MB814269138AEE1567CEED703B847C9@SA1PR09MB8142.namprd09.prod.outlook.com>, <20210331161358.GI24667@pfrc.org> <SA1PR09MB8142C40CC942F7CF7BD05EDF847C9@SA1PR09MB8142.namprd09.prod.outlook.com>
In-Reply-To: <SA1PR09MB8142C40CC942F7CF7BD05EDF847C9@SA1PR09MB8142.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: nist.gov; dkim=none (message not signed) header.d=none;nist.gov; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2601:647:5701:46e0:8518:f5d8:94a1:e028]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a1f2c767-2c8b-4280-8d9e-08d8f46f3412
x-ms-traffictypediagnostic: SJ0PR11MB5199:
x-microsoft-antispam-prvs: <SJ0PR11MB51994500C81EFE2E215A1711C07C9@SJ0PR11MB5199.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: jqutmPUcIkvfwH0bjSmmCQPJlJ22Fvj8zEWeX7zUCPohiJrwqEN74nbNDOJ81j1zCwUDt666nYasL12iqkeeYY4fyQAmzG7ebMPOs1e5hqjI8Y/KHEhifsOid2CtYiD1lZ8BijduCp+J/NmwQiICtdXpHPbd2fPAZbr5byjnEW/sbfLoI/yDlZtNXu7BtbS8KEYd1a9be02P2ZjbcjX2LN4yTw7B63zb0ztF6NqJHk5SAYfZgWq0ue0GD6vyIuQOOqF39fmBMhdUOHNhxzmdj/BTt/muB985K8r4Wt1BiUKSkngT1cBFQg7ruvyneKRQse2ewAtW3KCjg4IyJWNscZKvhuTBQsnfAL0r9OLnHt8xA+V4MrhlAuNthu0d8t1s2FRLmJ1v7KW2HPE4lvamI6c9W/LJc+mItSpOvHKT54oaHYh4PGw6NfnzK1KxD3C2MEFEhHnVF7mDJuBTDOT94agKmmeJHFuhMpS+Q5lKriFjVMYC/IPTVQkcEsKFXpAbvbjDcYw/Ict7b+iWXktLzBXYMxtevhn7GjxduZ4MMHaaJLvLOCDpGLgMoFHk3v/QdrODYFwym8dMLFOtln3J/XcRmDIWIXlF9FMsKDcjPOSYTHE4cacd/YkPRP2B9onZh5LE/roRdqDZNIdEXhQOggb03U92s5I8t1p1HQZLn7B7D0Ou/sDzQEsBr/c9e23uuw9WSg/GaFYFr7QQwAqUPygi1ANTQzXYCj2fIyJMBOo=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR11MB3207.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(39860400002)(366004)(376002)(346002)(396003)(2906002)(8676002)(4326008)(110136005)(86362001)(6506007)(54906003)(9686003)(7696005)(71200400001)(5660300002)(186003)(66476007)(316002)(33656002)(966005)(66556008)(66446008)(64756008)(76116006)(52536014)(66946007)(478600001)(53546011)(83380400001)(55016002)(8936002)(38100700001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: Y6c+8cBDiTdBLaiK12Hz00zKBLAnkcZlpW+bGKtFALVmiyD8QdAwjqU7wVal/B1FYpUycb991i1MxU9AzvBKaDyUKT67ql+rVwCKp/oudi46nvH7exO0WCb9NkOluwIlxM5uirC4jnX0HNJGsGOEBiDor6BaXzM3U8RpZC4wPP7H/PeZkzhDH6GW9peqFjnReXTHZtaO1yf0BN1o56xvgQqhxjmqU1h+iDNCqnBnW6XDk6sQwXkoTvSxK4RzOJJrWnN+m4jwLGcgmZOwT7tFb9RfNVmMVP5uGj9XTIPPuj3CHto4HRCwi1deQ7d2b6gZ8d6t97cMJ4vJ53OOyfgGbSbHBACQKv17nwhNGZuzSIlruyBnrNCxLgmzLhPEC0Sjb/FdTxOj8GpqZcZAGBL/PPLbpYGye3P9TnjJ38U+Z0SjC30e3ZHZisuB+F4/S7X+Ud/J7eTy/yBuk/c2WH1NNgEsnTkHRknDIrnXVxV7PMzOG/A1kg/MfB8WCNX9mCcYmuYMXB4lY8ypWDeqkRuZJTXs1y8NBQ9Tva4uBk/pq8Bku7Sdv38aP1kXU/VDrE1lfQAmezMHYb3JmM+QYqNpD0Wt40GDBWKr9dYMiZFuk1PqhRv8Rsk6APRfTE/3jxYNYqq4Z4mznonyTiFK8cz48+O/i0WoypZ8J21b4Az25+YcCD89/+zIARBsCAbgis+MgOcFvred5yLc8vK06QyDKD7RYMTDu1FmLkC7ANtKuuUUI/nLVl+kApIuJBNMpiXaezRDMmQNKKY23RsuKJt+qsqqEezlhsCtPR0R8yIAvg6O8KbA4UKOA/z0HBP78uwDiAYUjaELG+tEjJxL63Fv8sQBUVBFmiFn6p9PAZS2zqUUKTV3Gyb3FPLVtb8Mr4xN8zaExPUGmhreaImB9HN/bWUeOhu+tNCwwz0RT2Grx+CcaNO0ZM+SjCjEtM5iDLoWFNlP+vyOIAHkihp6psRC/EFr5i6dxEL3zIfwto+9GYWOYxIPB+5PyyagAW2ML9NIPMODCnT2LOq+QE4I75Ur/YiNib47WDLXGtTDJfc88iumjM9TJWm5DOI2k5r2nM6hZhkEd7sTwYpngth3CGIsfw32lVJaQVRjdbUMKMEj22eoKsQxNJZd0s+s9p30ocdzpbgyOO7vz52wvWkvCWxvWegBiN5H7uPL/OajCW1i6i7BjyZbU/EEUNA/ThG3xyjjoergC41CdhRqW6NJM0vp2NhpKD10wI+xg4OHV049JXdWZXkDD1IBF1637Z+/Tk+fNwPOOOpPMFq3nva5620u+J7xxjSYciTYckDebSQjDaZYuTAK6+JQdHmwTKXHR8H0gJ4LT2UWZP85sOcONhnSMjlYRqC6xCmMIz9YFyxGCXb3RW0tQEnByJr4mC5d0LT4
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR11MB3207.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a1f2c767-2c8b-4280-8d9e-08d8f46f3412
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Mar 2021 18:02:52.2584 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4tpCSNKuOfJZCzFbP9ArvUZeFeTznou8bN4GRO0c7P4XtvFjFqBivYVUSR1on9N5q2YMNToDSH+yEVzcR0wXcw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5199
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.22, xbe-rcd-007.cisco.com
X-Outbound-Node: rcdn-core-10.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/TjZPAKDu790_HsURUX9CJN1UBqg>
Subject: Re: [Idr] Choice of Large vs. Extended Community for Route Leaks Solution
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2021 18:03:02 -0000
No community is transitive. Not even the transitive extended communities. In all BGP code I've worked in, not just Cisco, a configuration is required to send communities of any kind to an ebgp session. By default, no communities are sent to ebgp sessions. That's a good thing, because network operators don't want junk in the routes transiting across their networks, causing churn and memory consumption. Path attributes are transitive. However, several years ago, approximately coinciding with the development of RFC7660, there was massive thrust to get attributes blocked too. Now we implement path attribute filtering and many network operators use it. Regards, Jakob. -----Original Message----- From: Sriram, Kotikalapudi (Fed) <kotikalapudi.sriram@nist.gov> Sent: Wednesday, March 31, 2021 10:17 AM To: Jeffrey Haas <jhaas@pfrc.org> Cc: Susan Hares <shares@ndzh.com>; idr@ietf.org; grow@ietf.org; draft-heitz-idr-wklc@ietf.org Subject: Re: [Idr] Choice of Large vs. Extended Community for Route Leaks Solution Jeff, Thank you for the response. My comments inline. >You can thus just get a FCFS extended community from a >transitive space TODAY and >it'd probably do most of what you want. One of the beneficial properties >that extended communities have is the transitivity is at least understood >and well deployed. I was hoping for a confirmation of that nature. So, that is good to hear. >That said, there's still no guarantee that some operator may choose to just delete them all at an ASBR. Yep. It is not a perfect world. But are you suggesting that no community-based approach (EC or LC or ?) is worth pursuing? >...the headache you're going through is trying to avoid the work of creating a new attribute. There is already a separate draft in IDR that has passed WGLC, and it uses a new transitive BGP Path Attribute 'Only to Customer (OTC)': https://tools.ietf.org/html/draft-ietf-idr-bgp-open-policy-15 We view that as a longer-term solution, while the EC/LC-based approach is meant to be deployed quickly. >A discussion I'd suggest is that we've had a need for a "BGP routing >security" attribute where we can put these various proposals: >- It's not a victim of existing community practices. >- Policy might still interact with it, but the baseline maintenance expectations can be set for it. >- It can be extensible so new components can be added incrementally. In the above, are you suggesting BGP Path Attribute or a new type of Community that comes with transitivity guarantees? Sriram ________________________________________ From: Jeffrey Haas <jhaas@pfrc.org> Sent: Wednesday, March 31, 2021 12:13 PM To: Sriram, Kotikalapudi (Fed) Cc: Susan Hares; idr@ietf.org; grow@ietf.org; draft-heitz-idr-wklc@ietf.org Subject: Re: [Idr] Choice of Large vs. Extended Community for Route Leaks Solution Sriram, (Clearly I'm not Sue...) Extending the observation I've just made to Gyan, the headache you're going through is trying to avoid the work of creating a new attribute. A result of this is a lot of work trying to proscriptively change how people operate their networks for more general features. Extended communities have functionally behaved as more of a protocol control mechanism in their general history. They already have behaviors that permit them to be selectively transitive or non-transitive across ASes. Operationally, they MAY be stripped by policy, but sanitization practices for them are significantly less codified than RFC 1997 communities. You can thus just get a FCFS extended community from a transitive space TODAY and it'd probably do most of what you want. One of the beneficial properties that extended communities have is the transitivity is at least understood and well deployed. That said, there's still no guarantee that some operator may choose to just delete them all at an ASBR. A discussion I'd suggest is that we've had a need for a "BGP routing security" attribute where we can put these various proposals: - It's not a victim of existing community practices. - Policy might still interact with it, but the baseline maintenance expectations can be set for it. - It can be extensible so new components can be added incrementally. While I understand a motivation for putting this in communities is "faster deployment", take the other example from the life of large communities: when there's sufficient interest, the feature will show up pretty fast. -- Jeff (the best time to plant a tree is ten years ago. the second best time is now...)
- [Idr] Choice of Large vs. Extended Community for … Sriram, Kotikalapudi (Fed)
- Re: [Idr] Choice of Large vs. Extended Community … Jeffrey Haas
- Re: [Idr] Choice of Large vs. Extended Community … Sriram, Kotikalapudi (Fed)
- Re: [Idr] Choice of Large vs. Extended Community … Jakob Heitz (jheitz)
- Re: [Idr] Choice of Large vs. Extended Community … Jeffrey Haas
- Re: [Idr] Choice of Large vs. Extended Community … Jeffrey Haas
- Re: [Idr] Choice of Large vs. Extended Community … Brian Dickson
- Re: [Idr] [GROW] Choice of Large vs. Extended Com… Randy Bush
- Re: [Idr] [GROW] Choice of Large vs. Extended Com… Gyan Mishra
- Re: [Idr] [GROW] Choice of Large vs. Extended Com… Jeffrey Haas
- Re: [Idr] [GROW] Choice of Large vs. Extended Com… Jeffrey Haas
- Re: [Idr] Choice of Large vs. Extended Community … Sriram, Kotikalapudi (Fed)
- Re: [Idr] [GROW] Choice of Large vs. Extended Com… Brian Dickson
- Re: [Idr] Choice of Large vs. Extended Community … Sriram, Kotikalapudi (Fed)
- Re: [Idr] Choice of Large vs. Extended Community … Brian Dickson
- Re: [Idr] [GROW] Choice of Large vs. Extended Com… Job Snijders
- Re: [Idr] Choice of Large vs. Extended Community … Jakob Heitz (jheitz)
- Re: [Idr] Choice of Large vs. Extended Community … Sriram, Kotikalapudi (Fed)