Re: Performance metrics used in commercial BGP route optimizers

[Mike Hammett <nanog () ics-il net>]

All of the same tragedy can happen without BGP optimizers, and does. 

BGP optimizers only harm the global Internet when route filters don't do their job. (Un)Fortunately, many other things 
also harm the global Internet when route filters don't do their job. Things other than BGP optimizers harm the global 
Internet more frequently via the same vector (lack of proper route filters). 




A given set of bugs are unlikely to affect both Optimizer edge egress filters and upstream ingress filters. If so, the 
Internet as a whole has much graver things to worry about. 





----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

----- Original Message -----

From: "Job Snijders" <job () instituut net> 
To: "Mike Hammett" <nanog () ics-il net> 
Cc: "Töma Gavrichenkov" <ximaera () gmail com>, "NANOG" <nanog () nanog org> 
Sent: Tuesday, July 16, 2019 12:41:13 PM 
Subject: Re: Performance metrics used in commercial BGP route optimizers 



On Tue, Jul 16, 2019 at 3:33 PM Mike Hammett < nanog () ics-il net > wrote: 





More like do whatever you want in your own house as long as you don't infringe upon others. 




That's where the rub is; when using "BGP optimisers" to influence public Internet routing, you cannot guarantee you 
won't infringe upon others. 

<blockquote>



The argument against route optimizers (assuming appropriate ingress\egress filters) is a religious one and should be 
treated as such. 
</blockquote>



The argument against "BGP optimizers" is that we *cannot* assume appropriate ingress or egress filters. It appears to 
me like fallacy to suggest a line of reasoning ala "if you do things correctly, things won't go wrong". Clearly we've 
observed many times over that things *do* go wrong. 


Some examples: almost every year one of the major BGP vendors has a serious bug related to the functionality to 
NO_EXPORT in some release. Also, routinely we observe there are software defects that cause a device to behave 
different (read 'leak') than how the operator had explicitly configured the device. These are facts, not religious 
statements. 


Perhaps in a bug-free world there is room for dangerous activities, but there is no such thing as bug-free. And I 
haven't even covered the human error angle. We must robustly architect our networks to mitigate or dampen the negative 
effects of issues at all layers of the stack. 


I consider it wholly inappropriate to write-off the countless hours spend dealing with fallout from "BGP optimizers" 
and the significant financial damages we've sustained as "religious arguments". 


Kind regards, 

Job