IETF Logo Mail Archive

Re: [Idr] new ID on expansion of private use ASN range

Robert Raszuk <robert@raszuk.net> Tue, 03 July 2012 15:54 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E3C211E8168 for <idr@ietfa.amsl.com>; Tue, 3 Jul 2012 08:54:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.565
X-Spam-Level:
X-Spam-Status: No, score=-2.565 tagged_above=-999 required=5 tests=[AWL=0.034, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xzRj2XJAUqJK for <idr@ietfa.amsl.com>; Tue, 3 Jul 2012 08:54:20 -0700 (PDT)
Received: from mail1310.opentransfer.com (mail1310.opentransfer.com [76.162.254.103]) by ietfa.amsl.com (Postfix) with ESMTP id 5C39311E8167 for <idr@ietf.org>; Tue, 3 Jul 2012 08:54:20 -0700 (PDT)
Received: (qmail 12601 invoked by uid 399); 3 Jul 2012 15:54:28 -0000
Received: from unknown (HELO ?192.168.1.91?) (pbs:robert@raszuk.net@83.31.196.182) by mail1310.opentransfer.com with ESMTPM; 3 Jul 2012 15:54:28 -0000
X-Originating-IP: 83.31.196.182
Message-ID: <4FF315B2.5020804@raszuk.net>
Date: Tue, 03 Jul 2012 17:54:26 +0200
From: Robert Raszuk <robert@raszuk.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20120614 Thunderbird/13.0.1
MIME-Version: 1.0
To: Jon Mitchell <jrmitche@puck.nether.net>
References: <20120702164834.GB13713@puck.nether.net> <4FF1D47D.5020408@raszuk.net> <20120703011048.GA22452@puck.nether.net> <4FF2AB95.9020600@raszuk.net> <20120703131720.GA22598@puck.nether.net> <4FF30AF6.1090203@raszuk.net> <20120703154241.GA7103@puck.nether.net>
In-Reply-To: <20120703154241.GA7103@puck.nether.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: idr@ietf.org
Subject: Re: [Idr] new ID on expansion of private use ASN range
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: robert@raszuk.net
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jul 2012 15:54:21 -0000

Jon,

The point I am making is that you no always have full control on what 
private AS your customer chooses to use.

If you use private AS within your domain there is risk that you would 
end up using the same AS number as your customers - so all tricks like 
private AS stripping, allowas-in or as-override would still need to be 
applied.

And once you apply it once you better apply it everywhere as non uniform 
configuration which does not follow templates is the worst NOC nightmare.

That is no matter how many private ASes are in the pool.

I am bringing SOO as an example as this is single time configuration 
when you establish eBGP session to a given site to see what would be 
missing to realize your objective. The main difference is that you have 
full control over SOO value.

 > [JM]  Robert - are you are saying you do not support the draft

No - however seeing comments from others I am getting less and less keen 
on it - more towards being just neutral. Clearly just reserving the pool 
does no harm to anyone ;-)

Rgs,
R.


> [JM] Inline..
>
> On Tue, Jul 03, 2012 at 05:08:38PM +0200, Robert Raszuk wrote:
>> Jon,
>>
>>> I don't expect this draft to fix/change every
>>> situation where AS_PATH manipulation hacks are used, but it should
>>> reduce the ones where they are used for communication within one
>>> administrative domain that can allocate their own numbering yet the
>>> number of sites exceeds 1022.
>>
>> How about if each of such internal site uses the same *single*
>> private AS number and you perform loop detection/troubleshooting by
>> use of SOO extended community ?
>>
>> It is local to you to assign it's value (6 octets seems wide enough)
>> and it has been already widely implemented.
>
> [JM]  Robert - are you are saying you do not support the draft as I can
> use hacks/workarounds such as allow-as-in or as-override in conjunction
> with site of origin to add loop detection or am I misunderstanding your
> suggestion?  What if I want to use BGP as designed for AS_PATH loop
> detection and be able to do standard troubleshooting/filtering based on
> AS_PATH and not worry about (mis-)configuration of soo?   Why not have a
> range of private ASNs large enough to support internal networking
> requirements of organizations w/o the use of more and more features?
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>

v2.31.3 | Report a Bug | By Email | System Status