Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard

Mikael Abrahamsson <swmike@swm.pp.se> Tue, 25 April 2017 10:15 UTC

Return-Path: <swmike@swm.pp.se>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57BA512EB02 for <idr@ietfa.amsl.com>; Tue, 25 Apr 2017 03:15:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=swm.pp.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wnoMbC1YM5sU for <idr@ietfa.amsl.com>; Tue, 25 Apr 2017 03:15:38 -0700 (PDT)
Received: from uplift.swm.pp.se (swm.pp.se [212.247.200.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F5E912EB01 for <idr@ietf.org>; Tue, 25 Apr 2017 03:15:38 -0700 (PDT)
Received: by uplift.swm.pp.se (Postfix, from userid 501) id 117B1A3; Tue, 25 Apr 2017 12:15:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=swm.pp.se; s=mail; t=1493115335; bh=JAj9Sk+7hiDT3iiE1vEWCR3rNjYnyx1kQne3oRdHD1o=; h=Date:From:To:cc:Subject:In-Reply-To:References:From; b=tCTVEdEh1CW+EubGXEe7uBVI50PzfJsxbTxxj4/2EhWq9FCUIyvvRu62IwXnHS0r/ 0s0hJVuwCF2kP/ygw4yG7k1Clwo1gXNWCWwZbfbGf33ta+rzzMLlERlyVJI4UepWPe F5Dgq7O9yw6jSltduaeCi3IrhJp5yjISFFLTtfXQ=
Received: from localhost (localhost [127.0.0.1]) by uplift.swm.pp.se (Postfix) with ESMTP id EC07FA2; Tue, 25 Apr 2017 12:15:34 +0200 (CEST)
Date: Tue, 25 Apr 2017 12:15:34 +0200 (CEST)
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: bruno.decraene@orange.com
cc: idr wg <idr@ietf.org>
In-Reply-To: <6721_1493114999_58FF2077_6721_1006_8_53C29892C857584299CBF5D05346208A31CCB44F@OPEXCLILM21.corporate.adroot.infra.ftgroup>
Message-ID: <alpine.DEB.2.02.1704251211420.5591@uplift.swm.pp.se>
References: <D4E812E8-AA7B-4EA2-A0AC-034AA8922306@juniper.net> <CA+b+ERnRz8BEO3mb1fnsDPoiL6Wxjdfw9vQPbyODNEa+xCJdnw@mail.gmail.com> <D51D67E4.A9782%acee@cisco.com> <AF07526F-F08B-4084-937B-A9A2D2DD2813@juniper.net> <D51D6AD2.A9795%acee@cisco.com> <CAL9jLaa1UQ5A1FwRKVw5RJCBQO+0j0BW4vUNaPXHB0_JB0j76Q@mail.gmail.com> <1058_1493105140_58FEF9F4_1058_786_3_53C29892C857584299CBF5D05346208A31CCAD43@OPEXCLILM21.corporate.adroot.infra.ftgroup> <alpine.DEB.2.02.1704250930500.5591@uplift.swm.pp.se> <20393_1493106881_58FF00C1_20393_19903_1_53C29892C857584299CBF5D05346208A31CCAEB1@OPEXCLILM21.corporate.adroot.infra.ftgroup> <alpine.DEB.2.02.1704251000070.5591@uplift.swm.pp.se> <9917_1493109125_58FF0985_9917_13726_10_53C29892C857584299CBF5D05346208A31CCB014@OPEXCLILM21.corporate.adroot.infra.ftgroup> <alpine.DEB.2.02.1704251137160.5591@uplift.swm.pp.se> <6721_1493114999_58FF2077_6721_1006_8_53C29892C857584299CBF5D05346208A31CCB44F@OPEXCLILM21.corporate.adroot.infra.ftgroup>
User-Agent: Alpine 2.02 (DEB 1266 2009-07-14)
Organization: People's Front Against WWW
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/y_gAqXwLW2VDAxqyKifdVE6NUHQ>
Subject: Re: [Idr] IETF LC for IDR-ish document <draft-ietf-grow-bgp-reject-05.txt> (Default EBGP Route Propagation Behavior Without Policies) to Proposed Standard
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Apr 2017 10:15:39 -0000

On Tue, 25 Apr 2017, bruno.decraene@orange.com wrote:

> If the problem is route leak (which is indeed a problem to solve):
> - draft-ietf-grow-bgp-reject is unfortunately not a solution to route leak.

Errr... It's a solution to ONE huge glaring reason for some route leaks.

> There is nothing to check/unsure that the route advertised/received are 
> the "right" ones.

The problem draft-ietf-grow-bgp-reject tries to solve is when lack of 
config means you're announcing ALL your routes. So yes, you're technically 
correct, but I don't see the relevance.

> So if the problem is route leak, draft-ymbk-idr-bgp-open-policy seems a better solution to me.

It's not even an WG document. When will it be done? 
draft-ietf-grow-bgp-reject is short, concise and to the point, and easily 
understandable and can be adopted quickly.

> Eventually, it could include some idea from draft-ietf-grow-bgp-reject. 
> .e.g.  by introducing a "semi-strict mode" or "safe mode": if set, and

The whole problem draft-ietf-grow-bgp-reject tries to solve is that people 
are leaking routes WITHOUT SETTING ANYTHING. They're just creating the 
neighbor and then *boom* entire BGP table is sent.

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se