Re: [Idr] WG LC on draft-ietf-idr-large-community-03.txt (10/17/2016 to 10/31/2016)

Jeffrey Haas <jhaas@pfrc.org> Wed, 19 October 2016 15:00 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 834AC1299BD for <idr@ietfa.amsl.com>; Wed, 19 Oct 2016 08:00:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.333
X-Spam-Level:
X-Spam-Status: No, score=-2.333 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.431, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JkBGd_Owegdx for <idr@ietfa.amsl.com>; Wed, 19 Oct 2016 08:00:18 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 63BB71299AE for <idr@ietf.org>; Wed, 19 Oct 2016 08:00:18 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 2B0251E32B; Wed, 19 Oct 2016 11:02:28 -0400 (EDT)
Date: Wed, 19 Oct 2016 11:02:27 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: "t.petch" <ietfc@btconnect.com>
Message-ID: <20161019150227.GB24388@pfrc.org>
References: <01f301d228b4$e3319ef0$a994dcd0$@ndzh.com> <20161017215134.GA464@pfrc.org> <20161018190851.GC15392@shrubbery.net> <20161018191521.GT95811@Vurt.local> <9EFC9BAA-F917-4C70-A139-1F69CAECF9C0@pfrc.org> <007201d229f6$b4ae9680$4001a8c0@gateway.2wire.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <007201d229f6$b4ae9680$4001a8c0@gateway.2wire.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/c5hak5umBVTW1tqBlalp2prJyT4>
Cc: IETF IDR WG <idr@ietf.org>, Sue Hares <shares@ndzh.com>
Subject: Re: [Idr] WG LC on draft-ietf-idr-large-community-03.txt (10/17/2016 to 10/31/2016)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Oct 2016 15:00:24 -0000

Tom,

On Wed, Oct 19, 2016 at 11:47:05AM +0100, t.petch wrote:
> RFC1997 says
> 'The community attribute values ranging from 0x0000000 through
>    0x0000FFFF and 0xFFFF0000 through 0xFFFFFFFF are hereby reserved.
> 
>    The rest of the community attribute values shall be encoded using an
>    autonomous system number in the first two octets.  '
> 
> Note the use of 'shall'.  Had that been written after RFC2119 then it
> would have been IMO 'MUST' or 'SHALL' not the weasily 'SHOULD' so this
> I-D is weakening the meaning compared to RFC1997.

It's also worth recognizing, good or not (there's definitely room for value
judgment in here), that practice has evolved.

As part of working through RFCs to basically say "don't use AS 0" and "don't
use AS 65535", the general consensus here and in grow was "yeah, that seems
like a good idea".  It probably still is.

But when code started going into place to enforce that (cli restrictions),
the weird edge cases started coming out.  People using AS 0 as a "wildcard"
in their community policy.  People using AS 65535 for BGP peering, etc.

Is it a bad idea?  Probably.  Historically AS 0 type things triggered all
sorts of entertaining buggy issues for reasons I've previously written
about.  AS 65535 is ugly simply because it clutters semantic space for
things like the well known communities.  And thankfully the issues
surrounding 0 as uninitialized variable and UINT16_MAX as being common
issues in BGP bugs seem to largely be behind us.

> If this I-D were to say that RFC1997 specified a 'MUST' (in effect) but
> that 20 years of experience showed that it need not be that strong, that
> ambiguities of interpretation have never been a problem for routing,
> pehaps by adding a note in the Security Considerations, then I would
> accept that.  As it stands, I think that this I-D is risky (and would be
> even if everyone who reads it knows what the IETF means by 'SHOULD' - I
> think that this is not the case and that those outside the IETF will
> read 'SHOULD' as a stronger enforcement than it is).

And yet, I think this is a case where the SHOULDs get enough "yeah, but..."
exceptions that it weakens even the arguments for that.

The one case I still find somewhat compelling deals with the strong
likelihood that some providers will port their RFC 1997 features into large
format via either script or implementation feature.  In such cases, porting
the well known communities into and out of large format present potential
issues.

-- Jeff