IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-large-community-01.txt

Brian Dickson <brian.peter.dickson@gmail.com> Thu, 13 October 2016 23:07 UTC

Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7E42129551 for <idr@ietfa.amsl.com>; Thu, 13 Oct 2016 16:07:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dt7CaopsauXP for <idr@ietfa.amsl.com>; Thu, 13 Oct 2016 16:07:30 -0700 (PDT)
Received: from mail-qk0-x22b.google.com (mail-qk0-x22b.google.com [IPv6:2607:f8b0:400d:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E4E812946C for <idr@ietf.org>; Thu, 13 Oct 2016 16:07:30 -0700 (PDT)
Received: by mail-qk0-x22b.google.com with SMTP id n189so120325096qke.0 for <idr@ietf.org>; Thu, 13 Oct 2016 16:07:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=AnJGIAgm4aAkW8LPwG2b2a6s5D9pnnJqhPuZhhG7UxY=; b=dzWbEjOScQbNJ3Z1wklkl+1k3xZLsh1kuDCkRht/Vj/zdnqkvggwRo/OXkgbzXCyT+ BjpcQEEO3sPqBpqyX0fo4yE0XVqZPYhqZLUF3jfECt2bqzVrAMVJez2+a8dYNwfE3BHH KeNXIXz4Z2+RUY4pBUrsjFT2sbrLpdVHo3dbiNdAt2H+NLHkjGK7MC0puBR0gEgkDUrK Rfo/CvMTzkCMv/tXz5622CMlwKHkcIjcwHeL5tsCFWyc17299jWIcXG7/8x/Ay68QCVH fM3tWeq9wCVhCNfup3uaJ4Ne2q+IsrtJ3izz57q2l6X7aDYqXg/ruIdoWMtfEWbz3hKC QJWg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=AnJGIAgm4aAkW8LPwG2b2a6s5D9pnnJqhPuZhhG7UxY=; b=gXaoFE9ExTtrzpI29ExpHtB2HArRO2/MyXmbLZRgYqIyqq+rae+p4KzhJ78n2YSvja j1UkoJmEqwHU8yyRBl2HcE33or3w8dpdG1jkJuto8Y2RjyLNKO1gSfpYdGe+bpl9hp4u t8Hw9RH4mmLroZsyyZox2GF6JyBEtXdN+aJbuAmQeovQAY3/CPPIA0kH73vjUMhJMKtn GHltp2AL//eHAgwOJN0W/L34SMgGG+b3yovbo8DQaRjM1OOqRu2LTLREjfKM0LFZIkCw ngK8xXnv9t8uq54PWNmsjWsibnaHSMlfEsr0dDh15OSn56QEkHbxnvmn25F0Fsd4OqC5 dfVA==
X-Gm-Message-State: AA6/9Rlx44SsHFXDy5qD48jVYgAIgbz9FWEcWCOOfdnu5TS/nVvD65h3i4fKxirrAHWX8fpSQEs4WATehAJT5w==
X-Received: by 10.194.93.234 with SMTP id cx10mr81252wjb.140.1476400049244; Thu, 13 Oct 2016 16:07:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.28.203.207 with HTTP; Thu, 13 Oct 2016 16:07:27 -0700 (PDT)
In-Reply-To: <1476317462333.82977@dacor.de>
References: <20161003115723.GD20697@Vurt.local> <57F27D3F.7090404@foobar.org> <00da01d22085$4f0f2ee0$4001a8c0@gateway.2wire.net> <57F78B7D.609@foobar.org> <333030E6-0422-4A34-B07B-90D5F8E9F116@gmail.com> <57F92043.20301@foobar.org> <A9BBA442-361F-444F-9AFC-33FAAF5F6061@gmail.com> <00ff01d22214$a9832440$4001a8c0@gateway.2wire.net> <57FAD3EA.6070800@foobar.org> <020b01d223a1$f0e34a20$4001a8c0@gateway.2wire.net> <20161011095417.GL19434@gir.theapt.org> <1476317462333.82977@dacor.de>
From: Brian Dickson <brian.peter.dickson@gmail.com>
Date: Thu, 13 Oct 2016 16:07:27 -0700
Message-ID: <CAH1iCirrZFFckPfZB75n+fkEn2UK+VVyd3ddof1Hik=fyka9-w@mail.gmail.com>
To: Julian Seifert <js@dacor.de>
Content-Type: multipart/alternative; boundary="047d7beb93407b526e053ec72cc2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/UrSrR9DbaSxp76CAhW3WwPkTlxo>
Cc: idr <idr@ietf.org>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-large-community-01.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Oct 2016 23:07:33 -0000

On Wed, Oct 12, 2016 at 5:10 PM, Julian Seifert <js@dacor.de> wrote:

> Hi,
>
> On 2016 Oct 11 phessler wrote:
> > Putting my own ASN, or the ASN of my peer that I wish to control, will
> > be the main uses; I agree.  But there is a difference between SHOULD and
> > MUST.  Since I MUST allow users to change the value there, I am happy.
>
>
Close, but not quite.

The "MUST" for changing the values, IMHO, is something we all agree on,
myself included, and is directed at implementers.

The distinction is *to whom* the "MUST (be an ASN)" is directed at:
operators.


The "why" of the (global administrator) MUST is as follows:
- The Large community that the operator sets, may not involve the
operator's own ASN, nor any of the operator's peers' ASNs.
-- This is desired, allowable behavior, acknowledged by operators, and in
parity with RFC-1997
- Thus, the implementation CANNOT have enough local information to enforce
the "ASN-ness" of the 32-bit value
-- This is also as desired, acknowledged by operators, and in parity with
RFC-1997
- HOWEVER, it is not acceptable for the operator to use some other 32-bit
value in place of an ASN
-- By definition, any other 32-bit number will collide with the values of
32-bit ASNs (they are integers between 0 and 2^32-1)
-- There are plenty of private-use ASN values (between 4,000,000,000 and
2^32-2) for anyone who wants to do things "between consenting adults"

Private use ASNs are not guaranteed to be unique, so anyone using them need
to protect against collision.

Non-private-use ASNs are guaranteed to be unique, and adopting "MUST" gives
operators exactly what they need to influence those who behave badly, e.g.
out of ignorance.

Enforcement of this ASN-ness is something that needs to be exclusively
 handled in meat-space.

I don't think anyone (from an operator background) has any issues with
anything outside of "large" (in idr) doing smarter/better things.

Please let us have large, with this "MUST", without interfering in this
consensus, particularly from the operator community.

>
> The semantics of the value configured in the community is up to the
> operator and must not be
> enforced/assumed by the implementation. It makes sense to reserve certain
> values/prohibit their
> use to prevent compatibility issues, keep special values for
> tests/documentation/checking and for well known communities
> that might be defined later on, but don't force operators to only be
> allowed to configure iana assigned
> ASN values or force implementations to only allow configuration of  an ASN
> in the GA that is a configured ASN on
> the specific router etc.
>
> Communities are great because of the ambiguity(sorry of not the correct
> term for what I want to  express)
> The vast number of values I can configure with meaning only for me and
> parties I interact with)
> being too strict will greatly diminish the value they represent as a tool
> in operating networks.
> And would be contradictory to the operational need from which the draft
> arose.
>
>
Agreed (modulo "SHOULD vs MUST" language).

Maybe putting a prefacing statement to clarify the Global Administrator
definition, so that the restriction is guidance for operators, not
implementors, would get us to consensus?

Brian

v2.23.0 | Report a Bug | By Email