Re: [Idr] Vendor Defaults (was Re: Review of draft-ietf-large-community-06.txt)

heasley <heas@shrubbery.net> Mon, 07 November 2016 22:54 UTC

Return-Path: <heas@shrubbery.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F22D0129B22 for <idr@ietfa.amsl.com>; Mon, 7 Nov 2016 14:54:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.699
X-Spam-Level:
X-Spam-Status: No, score=-5.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id duVCURZ6VEMW for <idr@ietfa.amsl.com>; Mon, 7 Nov 2016 14:54:17 -0800 (PST)
Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DBE4129B52 for <idr@ietf.org>; Mon, 7 Nov 2016 14:54:17 -0800 (PST)
Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 223D37C8D8; Mon, 7 Nov 2016 22:54:17 +0000 (UTC)
Date: Mon, 7 Nov 2016 22:54:17 +0000
From: heasley <heas@shrubbery.net>
To: Brian Dickson <brian.peter.dickson@gmail.com>
Message-ID: <20161107225417.GA67860@shrubbery.net>
References: <CAH1iCiq6jNtnkta0Bt952EQ9zOKSGt=_cCySsT5XuOKuHYO2nQ@mail.gmail.com> <86860386-9C2B-4BD5-B457-2A6DA5446CF3@cisco.com> <17E646EF-4633-423B-9AC4-B53D49C90632@gmail.com> <6CAFC026-6102-42BF-97FA-779457D84ECE@cisco.com> <CA+b+ERm5VVz520OhgXYTFOt9_M6_=MHLE9M-=1T+wnfw7RY83Q@mail.gmail.com> <C2C26B2F-75A0-49FB-B947-4B957611A23E@cisco.com> <CA+b+ERkieHXpXQxjGnU+dGAz2nbNzWb6DxHG6vB7X5bp9VD3+Q@mail.gmail.com> <96108A84-8016-4A24-8D9D-C08F65D07572@gmail.com> <20161107202554.GI62252@shrubbery.net> <CAH1iCipFL3BGKRzz+LfbkOAPePsGBLdRo0HBCjTFwnMC1+-+eA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAH1iCipFL3BGKRzz+LfbkOAPePsGBLdRo0HBCjTFwnMC1+-+eA@mail.gmail.com>
X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc
X-note: live free, or die!
X-homer: i just want to have a beer while i am caring.
X-Claimation: an engineer needs a manager like a fish needs a bicycle
X-reality: only YOU can put an end to the embarrassment that is Tom Cruise
User-Agent: Mutt/1.6.1 (2016-04-27)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/nR1yjD20hYOH6Cq1n22mBAAif68>
Cc: heasley <heas@shrubbery.net>, "idr@ietf.org" <idr@ietf.org>, Robert Raszuk <robert@raszuk.net>
Subject: Re: [Idr] Vendor Defaults (was Re: Review of draft-ietf-large-community-06.txt)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Nov 2016 22:54:19 -0000

Mon, Nov 07, 2016 at 01:06:17PM -0800, Brian Dickson:
> On Mon, Nov 7, 2016 at 12:25 PM, heasley <heas@shrubbery.net>; wrote:
> > Sun, Nov 06, 2016 at 07:46:10PM -0800, Brian Dickson:
> > > > On Nov 6, 2016, at 4:12 PM, Robert Raszuk <robert@raszuk.net>; wrote:
> > > It might be the case that initial deployment could incorporate 16-bit
> > ASNs in 32-bit fields, including private ASNs.
> >
> > What?  is there a case where a 16bit ASN doesnt fit in 32bits?
> 
> No, what I am saying is, it might be the case that the very first LCs seen
> are "65501:3356:0" (which, in my hypothetical scenario, are transliterated
> RFC1997 communities, understood by both AS2914 and AS49544)
> 
> The difference being:
> 
>    - RFC1997 propagation might be affected by some implementations of
>    RFC1997 defaulting to "do not send" and router configurations relying on
>    that default.
>    - LC propagation, if not consistent with RFC1997 propagation, might
>    result in the LC community going where the RFC1997 has not gone, and might
>    result in changes to routing.

Everyone involved would have to actively change their policy to add that
LC and to take action on it.

And, why would an operator expend the effort to use 1997 communities in LCs
with an extra 0 field?  Leave the 1997s alone, add LCs specified to take
advantage of LCs (no over-loading, AS4) and stop taking action on and/or
marking routes with 1997s after some transition period.

> > > 20 years of  RFC1997. All with default off. 20 years of industry
> > consolidation, staff turnover, undocumented implementations.
> >
> > 20 years in that implementation...
> 
> ... which should not REQUIRE implementation/configuration changes
> overnight, IMHO.

it doesnt; LCs dont exist yet.

> > > Assuming that no migration will occur, isn't helpful. Changing the
> > default behavior across such migration is the risk.
> > >
> > > Having the same behavior for large guarantees zero incremental risk,
> > which is why I am advocating for it.
> >
> > given a BGP topology of AS1 - AS2 - AS3, where AS1 & 3 recognize LCs and
> > AS1 sends LC 3:n:n to affect their local-pref (or whatever), this will
> > potentially break when AS2 updates to an o/s that recognizes LCs.
> > surprise!
> 
> There are 3 ASNs involved, and two peering connections.
> Does AS2 already do RFC1997?

whatever - that's irrelevant in my PoV; 1997 & LC are not the same.

> Does AS1 send RFC1997 communities to AS2?

irrelevant.

> Is the reason AS1 isn't sending RFC1997, that AS3 is a 32-bit ASN?

maybe.  maybe AS3 never supported 1997.  maybe they have transitioned
away from 1997.  maybe its an "action" community with a "target" ASN
(AS3:prependonce:AS4).  or AS3 marks their routes with LC in some manner
that interests AS1, such the rt's region origin and AS4's path between two
regions is routinely congested.

> Presumably AS2 doesn't send RFC1997 to AS3 either, for the same 32-bit ASN
> reason.

irrelevant.

fact is that it would work until AS2 upgrades, unless AS2 adds the config
to disable to default filtering - that is assuming that they are clueful
enough to do so.  that's an element of surprise.  vs. AS2 deciding that
they will start using LCs and discovering that their customers & transits
are already using them.

> I think the scenarios boil down to:
> 
>    - AS2 already does RFC1997, and does its upgrade with LC as part of the
>    plan.
>       - I would expect AS2 to monitor for LCs in their BGP updates before
>       upgrading, and use an upgrade config that passes LCs.
>    - AS2 does not do RFC1997, in which case expecting it to do LCs is not
>    entirely reasonable on the part of AS1.
>       - AS1 should discuss their expectations with AS2, and encourage them
>       to do LCs AND RFC1997.
> 
> In other words, in neither case should the breakage be a surprise; it
> either should not break, or should be expected to break.
> 
> I'm not advocating for breakage, obviously, and am a big advocate of both
> RFC1997 and LC.
> 
> But, vendor code isn't best place to try to get communities propagated -
> the contracts or peering agreements between ASNs is a much better place.
> 
> Brian