*there may exist valid reasons in particular circumstances when the
particular behavior is acceptable or even useful*
I don't necessarily disagree that a migration over time may be useful, I
disagree with the end state of an inconsistent behavior... The key here is
having a date by which we enforce a consistent behavior....
Having said that, fair point on RFC2119 sir :)
On Sun, Feb 26, 2017 at 8:45 PM, Nathan Ward <nznog(a)daork.net> wrote:
Given the importance of RFCs in the community, I feel it is valuable to
notify this communication from me to you to the entire list.
I would note that the interpretation of RFC7947 in the following email
(sorry for top posting) is in direct violation of RFC2119;
4. SHOULD NOT This phrase, or the phrase "NOT RECOMMENDED" mean that
there may exist valid reasons in particular circumstances when the
particular behavior is acceptable or even useful, but the full
implications should be understood and the case carefully weighed
before implementing any behavior described with this label.
I would like to encourage (publicly) that RFCs be read consistently,
rather than in a haphazard way that varies reader by reader. Consistency is
the key to supporting the NZ Internet effectively *(Note, RFC2119 doesn’t
say “read it this way when you can be bothered”)*. Additionally, I would
like to note that I share your preference that the route server not prepend
its own AS number to the AS_PATH, but that improper interpretations of RFCs
could have an operational impact on the Internet in NZ as a whole.
Given exchange participants may need to implement configuration changes, I
think it’s reasonable that this is opt-in. I think the Citylink approach
here is reasonable, even if it doesn’t get everyone to where you want
immediately. Let’s work on lobbying those participants who have not opted
in, rather than flogging an almost-dead horse. I’ll help!
####### FOREWARDED [sic] MESSAGE BELOW #######
On 27/02/2017, at 4:57 PM, Tim Hoffman <tim(a)hoffman.net.nz> wrote:
Given the importance of Citylink's IX services in the community, I feel
that it is valuable to notify this communication from them to the entire
I would note that they are explicitly stating in this communication they
will not ever forcibly require consistent behavior. I would note that this
is in direct violation of RFC7947;
*188.8.131.52. Route Server AS_PATH Management*
* As a route server does not participate in the process of forwarding*
* data between client routers, and because modification of the AS_PATH*
* attribute could affect the route server client BGP Decision Process,*
* the route server SHOULD NOT prepend its own AS number to the AS_PATH*
* segment nor modify the AS_PATH segment in any other way.*
I would like to encourage (publicly) that Citylink implement this
consistently, rather than in a haphazard way that varies customer by
customer. Consistency is the key to supporting the NZ internet effectively *(Note,
RFC7947 doesn't say "do this when your customer can be bothered")*.
Additionally, I would like to encourage Citylink to communicate with the
NZNOG community when publishing updates that could have an operational
impact on the internet in NZ as a whole.
####### FOREWARDED MESSAGE BELOW #######
CityLink would like to inform you of some exciting NZIX developments that
concern your existing ExchangeNET connection(s). We’re introducing some
changes to the way we operate the NZIX route servers in order to improve
our compliance with recent proposed standards (RFC7947 and RFC7948), and to
minimise the disruption caused by routine administrative changes going
CityLink provides two route servers at each of the NZIX exchanges
- currently Auckland (APE), Hamilton (HIX), Wellington (WIX), Christchurch
(CHIX) and Dunedin (DPE). The route servers facilitate
multilateral interconnection between the participants at each exchange by
simplifying the BGP configuration and admin overhead otherwise needed
to exchange routing information between multiple eBGP speakers. The NZIX
route servers have traditionally prepended the exchange’s Autonomous System
(AS) number to the AS path of the prefixes they advertise back out to peers.
*What is changing?*
A number of ExchangeNET customers have expressed a preference that the
NZIX route servers no longer prepend the exchange AS number to the AS path
of advertisements sent to them. This preference is consistent with recent
proposed standards (RFC7947 and RFC7948), and is the recommended best
current practice for Internet exchange route server operation. However, in
order to put this change into effect, ExchangeNET customers who peer with
the NZIX route servers may need to make a (potentially disruptive) change
to their existing BGP configuration.
While CityLink would prefer all ExchangeNET customers peering with the
NZIX route servers to support this alignment with best current practice, we
recognise that the timing to implement such changes may differ based on
your individual business needs. Therefore, we have decided to implement the
changes on a per-participant basis, and we invite those
ExchangeNET customers who would like to “opt-in” to the changes (that is,
for the NZIX route servers to no longer prepend the exchange AS number to
the AS path of the advertisements sent to them), to contact us. We will
endeavor to accommodate requests for configuration changes to be made at
times convenient for each ExchangeNET customer, commencing from *13th March
*Note:* We will *not* be changing the configuration of any existing
sessions without that participant’s agreement.
*What are the implications of the change?*
· ExchangeNET customers who peer with the NZIX route servers will
see the AS path for prefixes received shortened by one hop (the exchange AS
number). This may alter the current choice of best path for those prefixes.
· If you had been using the presence of an exchange AS in the AS
path to influence your organisation’s routing policy, you may need to amend
your configuration in order to achieve your routing policy objectives. It
may not be quite so obvious that a given route has been learnt from a
particular NZIX exchange point going forward.
· Your router may need to be configured with its equivalent of *no
bgp enforce-first-as* to restore its BGP session(s) with the NZIX route
servers after the change is made.
*I’d like to “opt-in” to the change. What do I need to do?*
If you’d like us to remove the exchange AS number from the AS path of the
advertisements you receive from the NZIX route servers, please email us at
<peering(a)citylink.co.nz>* with your AS number, the contact details for
the person(s) from your organisation that will be involved in making the
changes, and an initial indication of when you’d like to implement the
change (if known). Changes will only be implemented at a mutually-agreed
time to minimise any disruption, commencing from *13th March 2017*
*I’d prefer not to “opt-in” to the change right now. Do I need to do
If you’d prefer that the NZIX route servers continue prepending the
exchange AS number to the AS path of advertisements sent to you, you don’t
need to take any action right now. However, we would appreciate a return
email confirming the contact details for the most suitable person(s) from
your organisation whom we should engage with on these matters going forward.
*I’d prefer not to “opt-in” to the change at all. Will I be encouraged to
It is hoped that over time all ExchangeNET customers will choose to
“opt-in” and thus support CityLink’s efforts to align the NZIX exchanges
with best current practices, to the benefit of the wider NZ Internet
*What will be the “default” configuration for new ExchangeNET customers?*
Going forward, all new BGP sessions configured on the NZIX route servers
will conform to the recommend best current practice (that is, the route
servers will *not* prepend the exchange AS number to the AS path of
prefixes sent to peers).
*Is anything else changing?*
Yes! The method by which configuration changes have historically been
“pushed” to the NZIX route servers has necessitated a “hard reset” of the
BGP session(s) with all existing peers. Although the two route servers at
each exchange are reloaded independently (ensuring that each peer has an
established session with at least one NZIX route server at all times), the
overheads associated with performing the hard reset are higher than they
need to be. In order to minimise the impact of routine administrative
changes going forward, we are changing the way in which configuration
changes are pushed to the route servers. Note that changes will continue to
be applied to each route server independently, however, thereby ensuring
optimal availability for NZIX.
*I have a question about these changes. Who should I contact?*
Please email us at *peering(a)citylink.co.nz <peering(a)citylink.co.nz>* in
the first instance. We’ll be happy to help!
*Toll Free* 0800 424 895
Level 6, 25 Cambridge Terrace
This mail message contains information that is confidential and which may
be subject to legal privilege. If you are not the intended recipient, you
must not use, distribute or copy this message. If you have received this
message in error, please notify the sender immediately and erase this
mail and its attachments.
NZNOG mailing list