Minute takers: Massimiliano Stucchi and Nathalie Trenaman

################
Presentation: BMP - Paolo Lucente
(draft-ietf-grow-bmp-adj-rib-out-01.txt and draft-ietf-grow-bmp-local-rib-01.txt)
################

Randy Bush highlighted a problem in the BMP implementation from vendors. He's worried about adding more parts to it. Additionally, he mentioned that he likes the drafts.

Ruediger Volk pointed out that there are gaps in the overall picture: he feels there is information dropped between RIB-in and post-policy that could be of interest to him. It would be interesting to know which routes have been dropped, and which of the policy decisions affected them. For certain vendors a code point could be added to send all this data to central logging for analysis.

Paolo mentioned that he's done work on pre- and post-policies. He feels the issue is out of scope for the moment and for the specific draft.

Job proposed adding another draft to address this issue.

Paolo is concerned that trying to find a common language across vendors to describe actions and policies could be hard.

Ruediger suggested using exit codes that could be scripted.

Jeff Haas mentioned that not everything could be standardised. He suggested that there could be a way to allow operators to put their own messages in the description.

There were no more questions or comments.

#################
Presentation: Randy Bush - draft-ymbk-grow-wkc-behavior-00
#################

Ruediger asked about the well-known communities, and the fact that in the past it was deemed not possible to add more, but recently it happened. In the end the question pointed towards asking "what is a well-known community?" Ruediger also suggested adding a "delete all" command to remove all the communities from a configuration.

Jeff Haas commented that IANA should be asked about the meaning of well-known communities, and that the behaviour of vendors depends on how IANA handled it at the beginning.

Randy Bush asked the room if considering this problem a bug is the right way, or if removing the set command could be a problem for many implementors.

John Scudder mentioned that he just read the draft and suggested going ahead with what is there and not adding anything, which is what the draft says.

Ruediger suggested asking the vendors for appropriate delete commands to be used.

There were no more questions or comments.

###############
Presentation: Job Snijders - IRR vs RPKI parity regarding AS-SETs
###############

George Michaelson suggested not to modify RPKI, but noted that something is being added. He added that the critical moment is about who signs and what should be in the certificates that are being produced.

Ruediger Volk said that it's correct to point out that AS-Sets are being used but do not appear in RPKI, but do in RPSL. It is a good idea to make progress, but identifying gaps in functionality is important, so they can be filled. He pointed out, though, that there's a difference between authorisation and policy documentation. RPKI provides clear authorisation. RPSL was policy documentation. Using the IRR as an authorisation mechanism and trying to fix it while we already have an authorisation system could be wrong. AS-Sets cannot have authorisation, and they contain wrong data most of the time. This problem needs to be fixed.

Jeff Haas pointed out that Sets are nice but they belong in RPSL. Sets are useful for policies, but probably not as needed as we're thinking. The idea resembles RPSL export statements.

Job replied that if only we can mimic AS-Sets in RPKI, that can be useful.

Jeff replied that he agrees they can be useful.

Randy Bush asked about how recursion would work, and what authority he would be asserting over those objects. He also criticised the type of approach.

Ruediger Volk commented about how AS-Sets could be registered, and mentioned that they could be created in any IRR and be looked up in each one of them.
It would be nice to find a way to fix this issue. The best way would be to use adjacency-assertions, but this is impractical to apply in real life.

Doug Montgomery commented about authorisation in ROAs, and how this is not enforced as Ruediger was explaining.

The line was cut, as there was no more time for comments or questions.

###############
Presentation: Alexander Azimov - uRPF Reboot
###############

Randy Bush commented that implementing BCP38 would be easier than implementing what Alexander is suggesting.

Alexander commented that this is just to guarantee spoofed traffic will not leave the customer network.

Ruediger Volk commented that their customers would not be happy about implementing this solution.

Job Snijders commented that using graceful shutdown is a nice idea, and added that finding equipment that could do uRPF efficiently is quite hard. Until this problem is solved, he would not even consider uRPF at all.

Warren Kumari asked about how this implementation is done, and how local-preference is used in achieving the desired behaviour.

There was a discussion between Randy Bush and Warren Kumari about the difference between No-export and Graceful Shutdown.

Ruediger Volk suggested also using the no-export community instead.

Doug Montgomery asked for clarification about how no-export is used in this scenario, and Alexander clarified that this draft applies mainly to stub networks. Doug also asked if there's the assumption that uRPF only applies to stub networks, and that transit networks should not be doing it.

The line was cut, and Job suggested bringing more questions to the mailing list.