IETF Logo Mail Archive

Re: [Idr] Warren Kumari's Discuss on draft-ietf-idr-bgp-gr-notification-15: (with DISCUSS)

Jeffrey Haas <jhaas@pfrc.org> Tue, 22 May 2018 19:21 UTC

Return-Path: <jhaas@pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E826612D7ED; Tue, 22 May 2018 12:21:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ofXpwvFtfjPI; Tue, 22 May 2018 12:21:55 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 638CC12E882; Tue, 22 May 2018 12:21:55 -0700 (PDT)
Received: from dresden.attlocal.net (99-59-193-67.lightspeed.livnmi.sbcglobal.net [99.59.193.67]) by slice.pfrc.org (Postfix) with ESMTPSA id 096D61E3D0; Tue, 22 May 2018 15:21:53 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Jeffrey Haas <jhaas@pfrc.org>
In-Reply-To: <152701518391.31181.3562126455441179002.idtracker@ietfa.amsl.com>
Date: Tue, 22 May 2018 15:21:53 -0400
Cc: The IESG <iesg@ietf.org>, idr wg <idr@ietf.org>, idr-chairs@ietf.org, draft-ietf-idr-bgp-gr-notification@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <50AB3F2D-222F-4813-90FA-95F9AC411590@pfrc.org>
References: <152701518391.31181.3562126455441179002.idtracker@ietfa.amsl.com>
To: Warren Kumari <warren@kumari.net>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/g0hFvGoDGhEOv8aWqHDkTA1rN1A>
Subject: Re: [Idr] Warren Kumari's Discuss on draft-ietf-idr-bgp-gr-notification-15: (with DISCUSS)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 May 2018 19:21:57 -0000

Warren,

> On May 22, 2018, at 2:53 PM, Warren Kumari <warren@kumari.net> wrote:
> I'm sure that this has already been discussed somewhere, and that I'll be able
> to quickly clear my DISCUSS once pointed at it, but: "To put an upper bound on
> the amount of time a router retains the stale routes, an implementation MUST
> support a (configurable) timer, called the "stale timer", that imposes this
> upper bound. A suggested default value for the stale timer is 180 seconds. An
> implementation MAY provide the option to disable the timer (i.e., to provide an
> infinite retention time) but MUST NOT do so by default."
> 
> The "infinite retention time" part of this makes me deeply uncomfortable -- I
> can see a good reason for the stale timer, and the default "feels" fine to me,
> but having an infinite retention time (or, really anything over 10 to 15
> minutes) feels like a really dangerous idea, and that it will come back and
> bite.

This is a point where I point at your supposed opeational background and suggest shame on you. :-)

For my part, I would rather see this option discussed and given a caveat rather than elided from the specification.  Otherwise you simply have vendors who've implemented such an option and someone wagging their finger at their supposed non-conformance.  And it's usually some operator that wanted the thing present in the first place!


> 
> I'm hoping that I'm missing something obvious, but can you please explain under
> what conditions an infinite retention policy makes sense? It seems like there
> would be multiple opportunities for blackholing traffic with this.

There are situations, especially closed L3VPN networks, where infinite retention is potentially desired.  In situations where such a knob is configured and the operator decides that the underlying behavior needs to be addressed, a reset of the necessary session state could be done.  E.g. deconfigure the peer.

It should be noted that earlier forms of the long lived graceful restart feature, which this was intended to service, tried to provide significant caveats about not applying the feature to address families like those carrying the Internet for exactly the reason you're concerned with.


-- Jeff

v2.23.0 | Report a Bug | By Email