Unique Origin Autonomous System Numbers (ASNs) per Node for Globally Anycasted Services
draft-ietf-grow-unique-origin-as-01

[Ballot discuss]
There are three copyright statements in the document.  Please
  consolidate.

  This document uses RFC 2119 key words.  Please add the usual RFC 2119
  boilerplate.

    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in
    this document are to be interpreted as described in RFC 2119.

  The Acknowledgements section includes: "Others?  Your name could be
  here......."  Please finalize this section.

[Ballot comment]
I have a number of comments that don't quite make it to the level of
Discusses, but I would surely welcome it were you to attend to them.

---

I feel it would be worth going the extra mile to clarify what level
of uniqueness you are asking for. You have text such as:

  This document makes recommendations regarding the use of per-node
  unique origin ASNs for globally anycasted critical infrastructure
  services in order to provide routing system discriminators for a
  given anycasted prefix.  (Abstract)

and

  In order to be able to better detect changes to routing information
  associated with crtical anycasted resources, globally anycasted
  services with partitioned origin ASNs SHOULD utilize a unique origin
  ASN per node where possible. (Section 3)

Owing to the lamentable state of the education system, there is
considerable risk that people will not know whether you mean:

- A globally-unique ASN is allocated per node
or
- A node-unique ASN is allocated per anycasted service

---

The Routing Directorate review by Stig Venaas raised the following
issues that I think should be attended to.

Section 2

Regarding traceroute it says:

    enables service-level identification of a given server.  Tools such
    as traceroute are also used to determine which location a given query
    is being routed to, although it may not reveal local-scope anycast
    instances, or if there are multiple servers within a given anycast
    node, which of the servers responded to a given query, in particular
    when multiple servers within an anycast node are connected to a
    single IP router.  When utilizing these service level capabilities,

Why is local-scope emphasized here? I would think that traceroute
always gives you one node. It may be a particular global node, or a
local node, depending on your location. It may not reveal local-scope,
but it may not reveal global-scope either. They key thing is that you
get only one. And you may not know what the scope is either. Am I
missing something, or should the text be changed?

---

Section 2

Regarding synchronization of instances it says:

    Additionally, while it goes without saying that anycasted services
    should always strive for exact synchronization across all instances
    of an anycasted service address, if local policies or data plane
    response manipulation techniques were to "influence" responses within
    a given region in such a way that those response are no longer
    authentic or that they diverge from what other nodes within an
    anycasted service were providing, then it should be an absolute
    necessity that those modified resources only be utilized by service
    consumers within that region or influencer's jurisdiction.

Isn't this a bit DNS centric? I can think of anycast services where
different nodes intentionally have different content. I'm not sure
if it necessarily is important to restrict it to region or jurisdiction
either. It all depends on the service.

Maybe rephrase this to point out that this may be an important issue,
depending on the service?

---

Nit:

In the paragraph above I found this line:

    a given region in such a way that those response are no longer
                                            ^^^^^^^^
s/response/responses

[Ballot discuss]
There are three copyright statements in the document.  Please
  consolidate.

  This document uses RFC 2119 key words.  Please add the usual RFC 2119
  boilerplate.

    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in
    this document are to be interpreted as described in RFC 2119.

  The Acknowledgements section includes: "Others?  Your name could be
  here......."  Please finalize this section.

[Ballot comment]
1. ASN should be expanded earlier, probably as soon as the title of the document.

2. In the IANA Considerations section all the text that follows the statement that no actions are required from IANA does not seem IANA related and could be dropped.

[Ballot discuss]
Although RFC2119 is included in the references there is no RFC2119 boilerplate. As far as I can tell there are three capitalized key words in Section 3. While the first one (the recommendation to utilize a unique origin ASN per node) makes sense, for the other two it seems that the document could do well without them:

> Furthermore, inconsistent origin AS announcements associated with
  anycasted services for critical infrastructure SHOULD NOT be deemed
  undesirable by routing system reporting functions, but should instead
  be embraced in order to better identify the connectedness and
  footprint of a given anycasted service.

  While namespace conservation and reasonable use of AS number
  resources should always be a goal, the introduction of 32-bit ASNs
  significantly lessens concerns in this space.  Globally anycasted
  resources, in particular those associated with critical
  infrastructure-enabling services such as root and TLD name servers,
  SHOULD warrant special consideration with regard to AS number
  allocation practices during policy development by the constituents of
  those responsible organizations (e.g., the Regional Internet
  Registries). 

'SHOULD NOT be deemed undesirable' and 'SHOULD warrant special consideration' seem too vague for a capitalized recommendation in a BCP.

[Ballot comment]
It's not clear to me why this document is going for BCP rather than standards track, but I expect this topic will be discussed in the context of other documents on the agenda this week, so I'm not going to hold up this one specifically.

[Ballot comment]
Section 3 seems like it would work better if the 4th paragraph (on ASN conservation) were moved up to be the 1st paragraph, since it would describe why the rest of the section is now advisable after the addition of support for 32-bit ASNs, and it also describes what this document means by the "critical infrastructure" term that's used in some of the other paragraphs in this section..

Note: idnits complains that the 2119 boilerplate doesn't exist and that 2119 is included as a reference but not referred to in the document.

State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Subject: Last Call:  (Unique Per-Node Origin ASNs for Globally Anycasted Services) to BCP


The IESG has received a request from the Global Routing Operations WG
(grow) to consider the following document:
- 'Unique Per-Node Origin ASNs for Globally Anycasted Services'
  as a BCP

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2011-04-29. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-grow-unique-origin-as/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-grow-unique-origin-as/

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

Peter Schoenmaker pds@lugs.com grow working group co-chair is the document shepherd.  This document has been reviewed by the shepherd, and is ready for publication.

  (1.b)  Has the document had adequate review both from key WG members
          and from key non-WG members?  Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

The document has been reviewed by a wide range of WG members, and has wide support for the publication.  The people who have reviewed the document, along with the Working group, believe the document is ready.  The document shepherd believes adequate reviews have been performed on the document.


  (1.c)  Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization or XML?

There are no concerns about the document.

  (1.d)  Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of?  For example, perhaps he
          or she is uncomfortable with certain parts of the document, or
          has concerns whether there really is a need for it.  In any
          event, if the WG has discussed those issues and has indicated
          that it still wishes to advance the document, detail those
          concerns here.  Has an IPR disclosure related to this document
          been filed?  If so, please include a reference to the
          disclosure and summarize the WG discussion and conclusion on
          this issue.

There are no issues concerning the document.

  (1.e)  How solid is the WG consensus behind this document?  Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?

The document has a strong desire related to the work, and has achieved strong consensus on the document.


  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
          discontent?  If so, please summarise the areas of conflict in
          separate email messages to the Responsible Area Director.  (It
          should be in a separate email because this questionnaire is
          entered into the ID Tracker.)

There have been no threats or other concerns related to the document.

  (1.g)  Has the Document Shepherd personally verified that the
          document satisfies all ID nits?  (See
          http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/).  Boilerplate checks are
          not enough; this check needs to be thorough.  Has the document
          met all formal review criteria it needs to, such as the MIB
          Doctor, media type and URI type reviews?

The nits have been reviewed.  The document is satisfactory.  There is one error, for lines too long.  It will be corrected after the AD review.

  (1.h)  Has the document split its references into normative and
          informative?  Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state?  If such normative references exist, what is the
          strategy for their completion?  Are there normative references
          that are downward references, as described in [RFC3967]?  If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].

The references has been broken into normative and informative.


  (1.i)  Has the Document Shepherd verified that the document IANA
          consideration section exists and is consistent with the body
          of the document?  If the document specifies protocol
          extensions, are reservations requested in appropriate IANA
          registries?  Are the IANA registries clearly identified?  If
          the document creates a new registry, does it define the
          proposed initial contents of the registry and an allocation
          procedure for future registrations?  Does it suggest a
          reasonable name for the new registry?  See [RFC2434].  If the
          document describes an Expert Review process has Shepherd
          conferred with the Responsible Area Director so that the IESG
          can appoint the needed Expert during the IESG Evaluation?

This document has no IANA considerations.  A IANA consideration section has been included in the document.

  (1.j)  Has the Document Shepherd verified that sections of the
          document that are written in a formal language, such as XML
          code, BNF rules, MIB definitions, etc., validate correctly in
          an automated checker?

The document does not contain any sections that require formal language.

  (1.k)  The IESG approval announcement includes a Document
          Announcement Write-Up.  Please provide such a Document
          Announcement Write-Up?  Recent examples can be found in the
          "Action" announcements for approved documents.  The approval
          announcement contains the following sections:


          Technical Summary
This document makes recommendations regarding the use of per-node unique origin ASNs for globally anycasted critical infrastructure services in order to provide routing system discriminators for a given anycasted prefix.  Network managment and monitoring techniques, or other operational mechanisms may employ this new discriminator in whatever manner fits their operating environment.

          Working Group Summary
The working group has wide support.  We had many different people, especially operators which supported the document and felt the work was quite worthwhile.  The document is short, and even though it is a ?00? draft, comments and feedback have been incorporated in document.

          Document Quality
The document is straightforward, and well written.  It covers the requirement space succinctly. 

          Personnel
Peter Schoenmaker pds@lugs.com is the document shepherd.  Ron Bonica is the AD responsible for the document.