Hi, Given the importance of RFCs in the community, I feel it is valuable to notify this communication from me to you to the entire list.
I would note that the interpretation of RFC7947 in the following email (sorry for top posting) is in direct violation of RFC2119; 4. SHOULD NOT This phrase, or the phrase "NOT RECOMMENDED" mean that there may exist valid reasons in particular circumstances when the particular behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behavior described with this label. I would like to encourage (publicly) that RFCs be read consistently, rather than in a haphazard way that varies reader by reader. Consistency is the key to supporting the NZ Internet effectively (Note, RFC2119 doesn’t say “read it this way when you can be bothered”). Additionally, I would like to note that I share your preference that the route server not prepend its own AS number to the AS_PATH, but that improper interpretations of RFCs could have an operational impact on the Internet in NZ as a whole. <serious> Given exchange participants may need to implement configuration changes, I think it’s reasonable that this is opt-in. I think the Citylink approach here is reasonable, even if it doesn’t get everyone to where you want immediately. Let’s work on lobbying those participants who have not opted in, rather than flogging an almost-dead horse. I’ll help! </serious> Cheers, Nathan ####### FOREWARDED [sic] MESSAGE BELOW ####### > On 27/02/2017, at 4:57 PM, Tim Hoffman <t...@hoffman.net.nz> wrote: > > Greetings, > > Given the importance of Citylink's IX services in the community, I feel that > it is valuable to notify this communication from them to the entire list. > > I would note that they are explicitly stating in this communication they will > not ever forcibly require consistent behavior. I would note that this is in > direct violation of RFC7947; > 2.2.2.1. Route Server AS_PATH Management > > As a route server does not participate in the process of forwarding > data between client routers, and because modification of the AS_PATH > attribute could affect the route server client BGP Decision Process, > the route server SHOULD NOT prepend its own AS number to the AS_PATH > segment nor modify the AS_PATH segment in any other way. > > I would like to encourage (publicly) that Citylink implement this > consistently, rather than in a haphazard way that varies customer by > customer. Consistency is the key to supporting the NZ internet effectively > (Note, RFC7947 doesn't say "do this when your customer can be bothered"). > Additionally, I would like to encourage Citylink to communicate with the > NZNOG community when publishing updates that could have an operational impact > on the internet in NZ as a whole. > > Cheers, > Tim > > ####### FOREWARDED MESSAGE BELOW ####### > > > Dear REDACTED > > > > CityLink would like to inform you of some exciting NZIX developments that > concern your existing ExchangeNET connection(s). We’re introducing some > changes to the way we operate the NZIX route servers in order to improve our > compliance with recent proposed standards (RFC7947 and RFC7948), and to > minimise the disruption caused by routine administrative changes going > forward. > > > > > > Background > > CityLink provides two route servers at each of the NZIX exchanges - currently > Auckland (APE), Hamilton (HIX), Wellington (WIX), Christchurch (CHIX) and > Dunedin (DPE). The route servers facilitate multilateral interconnection > between the participants at each exchange by simplifying the BGP > configuration and admin overhead otherwise needed to exchange routing > information between multiple eBGP speakers. The NZIX route servers have > traditionally prepended the exchange’s Autonomous System (AS) number to the > AS path of the prefixes they advertise back out to peers. > > > > > > What is changing? > > A number of ExchangeNET customers have expressed a preference that the NZIX > route servers no longer prepend the exchange AS number to the AS path of > advertisements sent to them. This preference is consistent with recent > proposed standards (RFC7947 and RFC7948), and is the recommended best current > practice for Internet exchange route server operation. However, in order to > put this change into effect, ExchangeNET customers who peer with the NZIX > route servers may need to make a (potentially disruptive) change to their > existing BGP configuration. > > > > While CityLink would prefer all ExchangeNET customers peering with the NZIX > route servers to support this alignment with best current practice, we > recognise that the timing to implement such changes may differ based on your > individual business needs. Therefore, we have decided to implement the > changes on a per-participant basis, and we invite those ExchangeNET customers > who would like to “opt-in” to the changes (that is, for the NZIX route > servers to no longer prepend the exchange AS number to the AS path of the > advertisements sent to them), to contact us. We will endeavor to accommodate > requests for configuration changes to be made at times convenient for each > ExchangeNET customer, commencing from 13th March 2017 onwards. > > > > Note: We will not be changing the configuration of any existing sessions > without that participant’s agreement. > > > > > > What are the implications of the change? > > · ExchangeNET customers who peer with the NZIX route servers will see > the AS path for prefixes received shortened by one hop (the exchange AS > number). This may alter the current choice of best path for those prefixes. > > · If you had been using the presence of an exchange AS in the AS path > to influence your organisation’s routing policy, you may need to amend your > configuration in order to achieve your routing policy objectives. It may not > be quite so obvious that a given route has been learnt from a particular NZIX > exchange point going forward. > > · Your router may need to be configured with its equivalent of no bgp > enforce-first-as to restore its BGP session(s) with the NZIX route servers > after the change is made. > > > > > > I’d like to “opt-in” to the change. What do I need to do? > > If you’d like us to remove the exchange AS number from the AS path of the > advertisements you receive from the NZIX route servers, please email us at > peer...@citylink.co.nz <mailto:peer...@citylink.co.nz> with your AS number, > the contact details for the person(s) from your organisation that will be > involved in making the changes, and an initial indication of when you’d like > to implement the change (if known). Changes will only be implemented at a > mutually-agreed time to minimise any disruption, commencing from 13th March > 2017 onwards. > > > > > > I’d prefer not to “opt-in” to the change right now. Do I need to do anything? > > If you’d prefer that the NZIX route servers continue prepending the exchange > AS number to the AS path of advertisements sent to you, you don’t need to > take any action right now. However, we would appreciate a return email > confirming the contact details for the most suitable person(s) from your > organisation whom we should engage with on these matters going forward. > > > > > > I’d prefer not to “opt-in” to the change at all. Will I be encouraged to > eventually? > > It is hoped that over time all ExchangeNET customers will choose to “opt-in” > and thus support CityLink’s efforts to align the NZIX exchanges with best > current practices, to the benefit of the wider NZ Internet community. > > > > > > What will be the “default” configuration for new ExchangeNET customers? > > Going forward, all new BGP sessions configured on the NZIX route servers will > conform to the recommend best current practice (that is, the route servers > will not prepend the exchange AS number to the AS path of prefixes sent to > peers). > > > > > > Is anything else changing? > > Yes! The method by which configuration changes have historically been > “pushed” to the NZIX route servers has necessitated a “hard reset” of the BGP > session(s) with all existing peers. Although the two route servers at each > exchange are reloaded independently (ensuring that each peer has an > established session with at least one NZIX route server at all times), the > overheads associated with performing the hard reset are higher than they need > to be. In order to minimise the impact of routine administrative changes > going forward, we are changing the way in which configuration changes are > pushed to the route servers. Note that changes will continue to be applied to > each route server independently, however, thereby ensuring optimal > availability for NZIX. > > > > > > I have a question about these changes. Who should I contact? > > Please email us at peer...@citylink.co.nz <mailto:peer...@citylink.co.nz> in > the first instance. We’ll be happy to help! > > > > > > Kind Regards, > > <image001.jpg> <http://www.citylink.co.nz/> > Toll Free 0800 424 895 > > Level 6, 25 Cambridge Terrace > > www.citylink.co.nz <http://www.citylink.co.nz/> > Wellington 6011 > > > > This mail message contains information that is confidential and which may be > subject to legal privilege. If you are not the intended recipient, you must > not use, distribute or copy this message. If you have received this message > in error, please notify the sender immediately and erase this mail and its > attachments. > > > > _______________________________________________ > NZNOG mailing list > NZNOG@list.waikato.ac.nz > https://list.waikato.ac.nz/mailman/listinfo/nznog
_______________________________________________ NZNOG mailing list NZNOG@list.waikato.ac.nz https://list.waikato.ac.nz/mailman/listinfo/nznog