[PATCH] Don't treat 0/8 and 240/4 specially in IPv4 classification
Maria Matejka
maria.matejka at nic.cz
Sat Dec 31 20:56:02 CET 2022
Hello!

On 12/31/22 16:17, Bernd Naumann via Bird-users wrote:
> On 31.12.22 15:45, Juliusz Chroboczek via Bird-users wrote:
>>> from my perspective the time to prolong the IPv4 usage is over.
>>
>> I agree.
>> [..]
>> [..] I, for one, have changed my mind on the
>> subject multiple times.

To clarify (and maybe amend a little) my position, I shall state this:

First of all, there is the previous patch which we reworked and merged,
not realizing that if somebody has a policy "accept unless bad", then we
are changing their behavior and they start accepting inherently bogon
prefixes by upgrading to 2.0.10-11. This wasn't right and we should
definitely fix it in 2.0.12 by reverting such unintended default
behavior change.

Not so strong is my opinion on whether we should enforce the default
behavior by code. BIRD is released under GPL and anybody can apply their
patches and do their forks. This can be used as an argument both ways.
Our code isn't definitive. Hardcoding something is just "marking the
right way". We can mark the right way just by setting the default
behavior and allowing the user to configure what they want.

In the end, the question reduces to this: If somebody wants to route
240/4 by BIRD, how high should the cost be? Simple (or not so simple)
configuration change or patching and rebuilding?

> Even as I (have to) totally agree with Nico, too; the sad reality as I
> had to observe it: For some reason some/many people are totally unaware
> of the possibility of IPv4 transport via IPv6. Be it using MP-BGP or
> nowadays Babel, too. This should get more "advertisement"/awareness.

I totally agree.

> But on the other hand: I have heard stories of unlucky sysadmins
> maintaining totally broken/cluttered networks with no clear vision how
> to enable IPv6, and they never got a proper address planning scheme and
> they have to live with no more space in RFC1918. These people would
> benefit from making 240/4 a configurable option.

To be honest, I have heard lots of horror stories, more or less
unbelievable, and I feel sorry for all the people involved. These people
have probably been stockpiling workarounds for years. Their deployments are
probably the most challenging to convert to IPv6. Maybe we should
primarily look for ways to motivate them to share their issues with
IPv6. Maybe their problems really can't be solved by the current state of
IPv6 and we should do our best to fix it.

Anyway, I'm not sure whether the right thing is to simply enable 240/4
for them. It will also dry out, sooner or later, and IIRC there are
efforts to make this range public, not site-local. I still remember what
Cloudflare people discovered when deploying their 1.1.1.1 DNS resolver
and I don't like hearing their stories again.

Maybe we might make it configurable but write a big scary warning to the
documentation? It may be the cleaner way. Yet we should somehow pass the
information to anybody who wants to use 240/4:

There is probably a better and more sustainable solution to
your problem than using 240/4. And if you can't see any, please
go public and describe your problem to make it possible
to solve.

I wish you all wonderful following 365 days, regardless of whether you call
them "year 2023" or not. And thank you all for this discussion, for all
your opinions and views.

Maria