[Idr] Re: I-D Action: draft-ietf-idr-deprecate-as-set-confed-set-15.txt
Claudio Jeker <cjeker@diehard.n-r-g.com> Thu, 29 August 2024 09:22 UTC
Return-Path: <cjeker@diehard.n-r-g.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 887A7C14F699 for <idr@ietfa.amsl.com>; Thu, 29 Aug 2024 02:22:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.208
X-Spam-Level:
X-Spam-Status: No, score=-4.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vVXePKG5k975 for <idr@ietfa.amsl.com>; Thu, 29 Aug 2024 02:22:03 -0700 (PDT)
Received: from diehard.n-r-g.com (diehard.n-r-g.com [62.48.3.9]) (using TLSv1.3 with cipher TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB2A0C14F5FC for <idr@ietf.org>; Thu, 29 Aug 2024 02:22:01 -0700 (PDT)
Received: (qmail 59727 invoked by uid 1000); 29 Aug 2024 09:21:59 -0000
Date: Thu, 29 Aug 2024 11:21:58 +0200
From: Claudio Jeker <cjeker@diehard.n-r-g.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Message-ID: <ZtA9tsceQcRPqAsj@diehard.n-r-g.com>
References: <172409169774.1909130.7745685666245560135@dt-datatracker-6df4c9dcf5-t2x2k> <ZsSaLa0WH8tGu5rY@diehard.n-r-g.com> <BDDB8EC7-9883-4769-AA8D-7E1DC3130A7F@pfrc.org> <Zs8hiBX9Y8slMnpU@diehard.n-r-g.com> <F55EBF5B-D150-44D0-B656-698B0978619D@pfrc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <F55EBF5B-D150-44D0-B656-698B0978619D@pfrc.org>
Message-ID-Hash: ZD4CUJKQHMGO7HEW3AUZ4XTDDC3TUWE7
X-Message-ID-Hash: ZD4CUJKQHMGO7HEW3AUZ4XTDDC3TUWE7
X-MailFrom: cjeker@diehard.n-r-g.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-idr.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: idr@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as-set-confed-set-15.txt
List-Id: Inter-Domain Routing <idr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/je9kblNOjP5icoRMIFYbH1s3JxI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Owner: <mailto:idr-owner@ietf.org>
List-Post: <mailto:idr@ietf.org>
List-Subscribe: <mailto:idr-join@ietf.org>
List-Unsubscribe: <mailto:idr-leave@ietf.org>
On Wed, Aug 28, 2024 at 11:20:14AM -0400, Jeffrey Haas wrote: > Claudio, > > > > On Aug 28, 2024, at 9:09 AM, Claudio Jeker <cjeker@diehard.n-r-g.com> wrote: > >> > >> Speaking for myself but nodding toward my chair hat, I don't know that > >> we can ever do that. You can proclaim all you want that "we'll never do > >> 2 byte" but implementations will still need to deal with as4-path for > >> time to come. > > > > Nodding towards your chair hat, it would be good if IDR had a plan to > > finish this transition in finite time. Other security critical protocols > > realized that and started to deprecate a lot of old features. Just look at > > how SSH and SSL/TLS do that. > > The likely answer there is "bgp-5". This sounds like the answer is "IPv6". > You'll note a trend in some of the list discussion about the impacts of > various transition and scoping mechanisms are happening partly to > describe issues with bgp-4 and what we can do about those. > > We might successfully evolve a set of mechanisms that avoid the version > bump. We've done so successfully for years. We'll see. > > > > I know it will take time but by having a plan and a clear goal will give > > vendors an incentive to finally priorize RFC6738 support in their roadmap. > > If this isn't a typo, I'm unclear how this specific IKEv2 mechanism > addresses the IP routing bootstrapping issues identified by the KARP > working group some years ago. Yes this was a tyop and off by one all at once. > >> That said, as a vendor, I'm happy to support knobs that say "don't let > >> peering come up unless 4-byte is negotiated". Sadly, we have knobs that > >> do the opposite. > > > > We implemented that exactly for this reason. Someone needs to start doing > > this and put light pressure onto all those systems that did not update > > their BGP implementation in the last 10+ years. > > Also everyone should default to 4byte sessions by default (it seems that > > is still not the case). > > The short form of this is when implementations start deleting 2-byte > capable code and don't permit sessions to come up without the 4byte > capability, you'll have achieved your victory condition. > > Go forth and do so in your stack. :-) I think this comment is not helpful. Just to be clear our stack enables 4-byte AS support by default on all session since 2009. Lately we added a config option to enforce it and at some point I will make the enforcement the default and have users explicitly disable 4-byte AS support for those last few sessions that need it. In most cases sessions negotiate down to 2-byte for no good reason apart from bad config settings. What are your stacks doing? Isn't it time to follow our footsteps? -- :wq Claudio
- [Idr] I-D Action: draft-ietf-idr-deprecate-as-set… internet-drafts
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Claudio Jeker
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Jeffrey Haas
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Sriram, Kotikalapudi (Fed)
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Jeffrey Haas
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Claudio Jeker
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Jeffrey Haas
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Claudio Jeker
- [Idr] Re: I-D Action: draft-ietf-idr-deprecate-as… Jeffrey Haas