Re: [Idr] Joel Jaeggli's No Objection on draft-ietf-idr-ix-bgp-route-server-11: (with COMMENT)

joel jaeggli <joelja@bogus.com> Tue, 14 June 2016 16:34 UTC

Return-Path: <joelja@bogus.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD98912D811; Tue, 14 Jun 2016 09:34:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.326
X-Spam-Level:
X-Spam-Status: No, score=-8.326 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kByt4Dgs18R2; Tue, 14 Jun 2016 09:34:21 -0700 (PDT)
Received: from nagasaki.bogus.com (nagasaki.bogus.com [IPv6:2001:418:1::81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F407312D13E; Tue, 14 Jun 2016 09:34:20 -0700 (PDT)
Received: from mb-2.local ([IPv6:2620:11a:c081:20:7df9:7167:e9d9:6b3a]) (authenticated bits=0) by nagasaki.bogus.com (8.15.2/8.15.2) with ESMTPSA id u5EGYB5E020313 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 14 Jun 2016 16:34:12 GMT (envelope-from joelja@bogus.com)
X-Authentication-Warning: nagasaki.bogus.com: Host [IPv6:2620:11a:c081:20:7df9:7167:e9d9:6b3a] claimed to be mb-2.local
To: Nick Hilliard <nick@foobar.org>
References: <20160614153754.19291.870.idtracker@ietfa.amsl.com> <57602C27.10803@foobar.org>
From: joel jaeggli <joelja@bogus.com>
Message-ID: <ba3ad464-b4aa-50ef-a5b2-f48bc3ad9d92@bogus.com>
Date: Tue, 14 Jun 2016 09:34:09 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.2
MIME-Version: 1.0
In-Reply-To: <57602C27.10803@foobar.org>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5QE5D581A4JEBb0bt0j7mREOxxfuEgxaF"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/_nZyOkysYc1IuMXCHqM17WZPw9U>
Cc: idr@ietf.org, idr-chairs@ietf.org, The IESG <iesg@ietf.org>, shares@ndzh.com, draft-ietf-idr-ix-bgp-route-server@ietf.org
Subject: Re: [Idr] Joel Jaeggli's No Objection on draft-ietf-idr-ix-bgp-route-server-11: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jun 2016 16:34:24 -0000

On 6/14/16 9:09 AM, Nick Hilliard wrote:
> Joel Jaeggli wrote:
>> I'm at a bit of a loss to understand why path hiding would be a
>> considered an undesirable property of an MLPE routeserver.
> 
> Because in certain circumstances, if you have two paths A and B to a
> leaf node L, and path A decides to block access to L via the IXP, A's
> policy action acting on the RS will also block path B.  There are no
> circumstances that I can imagine where this would be a desirable outcome.

IF L is a customer of A and B sure. If it's L's policy that's doing the
blocking and you're not winning unequivically on as path length due to
prepending then a  desired result, (not transiting the exchange) is
achieved.  (this isn't really hypotethtical as at least one of my
transit providers has been known to leak our anycast prefixes via mlpe
sesssions at an exchange where we are also present) eventually I won't
use them.

For me as a prefix originator,  the difference is the ability to
advertise prefixes on the MLPE and not, e.g. it's effectively unusable
without that property.

>> IMHO as an
>> operator that peers on MLPE exchanges as well as bilaterally on exchange
>> fabrics and via PNIs. blinding a client of the MLPE which I  may have a
>> session already with at the exchange or via PNI is basically mandatory.
> 
> We're talking about different things here.  Blinding a path by offering
> a better alternative is fine - which is, I think, what you are talking
> about.  Blinding a path by denying third parties a failover path is not ok.
> 
>> Likewise without per-asn export policy at exchanges my ability to
>> advertise anycast prefixes via the MLPE is basically noexistant
>>
>>    If an IXP operator deploys a route server without
>>    implementing a per-client routing policy control system, then path
>>    hiding does not occur as all paths are considered equally valid from
>>    the point of view of the route server.
>>
>> Does not seem like a particularly desirable outcome.
>>
>> While I'm fine with 2.3 not being normative, it does seem desirable that
>> an MLPE service offer the client control, it greatly increases the sorts
>> of clients that can safely use the service.
> 
> Yep, agreed.  This was an issue that Geoff Huston brought up during the
> rtgdir review.  His point was that a standards track document cannot
> recommend a course of action which is not formally defined anywhere.  At
> the moment, neither add-path nor the multiple rib options have been
> defined formally within standards track documents.  So as authors we had
> an option of either delaying publication of this draft for an
> indeterminate number of years while the multi-rib and add-path drafts
> were standardized, or else mark these as non-normative for the time
> being and standardise the rest of the requirements.
> 
> Given that ietf-idr-add-paths has been in the ietf process since 2002
> and it's now 2016, we figured it was probably a more practical solution
> to move ahead with this draft as-is, and if someone wants to document
> multiple ribs in future, this draft can be updated.
> 
> Nick
>