Hi,
On Sun, Oct 22, 2023 at 09:34:24PM +0200, Tobias Fiebig wrote:
> - Consider adding a point on not using LPREF on RS sessions/honoring
> GSHUT
These are two points, though related... and we're running into this
just today (sending GSHUT + 3x prepend to IXP to drain our traffic
before a planned outage, and peers just ignoring the GSHUT and overriding
the prepend with LPREF...) - so yes, let's make this happen :-)
> - Use of MUST vs. SHOULD; Other contemporary drafts use stronger
> language; From a general standpoint I'd argue 'MUST' might be better
> under the premise of 'to follow best practices this MUST be done'
> with the caveat of 'best practices SHOULD' be followed; Still,
> currently it still uses BCP14 SHOULD for all points.
This is a bit of "my network, my rules" thing - this is all very strongly
recommended, so SHOULD, but there might be good reason why a particular
recommendation can not be followed ("something mumble mumble vendor
mumble mumble not working").
> Looking forward to hear opinions, especially on the somewhat more
> stretchy points (recommending filtering iBGP for example ;-)).
Having been bitten by a vendor that honours GSHUT on iBGP (and lowers
local-pref to 0), which causes persistent loops when other vendors in
the same iBGP mesh do not do this, indeed, a few words on "SHOULD not mess
with priorities on iBGP" would be good - though less an "BGP security"
topic, more a "robust operations" thing.
No time yet to read through all the rest.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
_______________________________________________
GROW mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/grow
