[PATCH] Don't treat 0/8 and 240/4 specially in IPv4 classification

Maria Matejka maria.matejka at nic.cz
Sat Dec 31 20:56:02 CET 2022 

Hello!

On 12/31/22 16:17, Bernd Naumann via Bird-users wrote:
> On 31.12.22 15:45, Juliusz Chroboczek via Bird-users wrote:
>>> from my perspective the time to prolong the IPv4 usage is over.
>>
>> I agree.
>> [..]
>> [..] I, for one, have changed my mind on the
>> subject multiple times.

To clarify (and maybe amend a little) my position, I shall state this:

First of all, there is the previous patch which we reworked and merged, 
not realizing that if somebody has a policy "accept unless bad", then we 
are changing their behavior and they start accepting inherently bogon 
prefixes by upgrading to 2.0.10-11. This wasn't right and we should 
definitely fix it in 2.0.12 by reverting such unintended default 
behavior change.

Not so strong is my opinion on whether we should enforce the default 
behavior by code. BIRD is released under GPL and anybody can apply their 
patches and do their forks. This can be used as an argument both ways.

Our code isn't definitive. Hardcoding something is just "marking the 
right way". We can mark the right way just by setting the default 
behavior and allowing to configure what the user wants.

In the end, the question reduces to this: If somebody wants to route 
240/4 by BIRD, how high should the cost be? Simple (or not so simple) 
configuration change or patching and rebuilding?

> Even as I (have to) totally agree with Nico, too; the sad reality as I 
> had to observe it: For some reason some/many people are totally unaware 
> of the possibility of IPv4 transport via IPv6. Be it using MP-BGP or 
> nowadays Babel, too. This should get more "advertisement"/awareness.

I totally agree.

> But on the other hand: I have heard stories of unlucky sysadmins 
> maintaining totally broken/cluttered networks with no clear vision how 
> to enable IPv6, and they never got a proper address planning scheme and 
> they have to live with no more space in RFC1918. These people would 
> benefit of making 240/4 a configurable option.

To be honest, I have heard lots of horror stories, more or less 
unbelievable, and I feel sorry for all the people involved. These people 
are probably stockpiling workarounds for years. Their deployments are 
probably the most challenging to convert to IPv6. Maybe we should 
primarily look for ways how to motivate them to share their issues with 
IPv6. Maybe their problems really can't be solved by current state of 
IPv6 and we should do our best to fix it.

Anyway, I'm not sure whether the right thing is to simply enable 240/4 
for them. It will also dry out, sooner or later, and IIRC there are 
efforts to make this range public, not site-local. I still remember what 
Cloudflare people discovered when deploying their 1.1.1.1 DNS resolver 
and I don't like hearing their stories again.

Maybe we might make it configurable but write a big scary warning to the 
documentation? It may be the cleaner way. Yet we should somehow pass the 
information to anybody who wants to use 240/4:

	There is probably a better and more sustainable solution to
	your problem than using 240/4. And you can't see any, please
	go public and describe your problem to make it possible
	to solve.

I wish you all wonderful following 365 days, regardless whether you call 
them "year 2023" or not. And thank you all for this discussion, for all 
your opinions and views.

Maria
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2839 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20221231/56f3e452/attachment.p7s>

More information about the Bird-users mailing list