Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Jun 2020 09:36:14 -0700
From:      Chris <bsd-lists@BSDforge.com>
To:        "Alexander V. Chernikov" <melifaro@freebsd.org>, "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>, Hiroki Sato <hrs@freebsd.org>
Cc:        "current@freebsd.org" <current@freebsd.org>, "net@freebsd.org" <net@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>
Subject:   Re: routed && route6d removal proposal
Message-ID:  <4dfcc0c99086b023a1508e5a7f60a0af@udns.ultimatedns.net>
In-Reply-To: <113821592986861@mail.yandex.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 24 Jun 2020 10:07:34 +0100 Alexander V=2E Chernikov melifaro@freebsd=2E=
org said

> 22=2E06=2E2020, 14:54, "Hiroki Sato" <hrs@freebsd=2Eorg>:
> > "Alexander V=2E Chernikov" <melifaro@freebsd=2Eorg> wrote
> > =C2=A0=C2=A0in <273191592779927@mail=2Eyandex=2Eru>:
> >
> > me> Hey,
> > me>
> > me> I would like to propose removal of sbin/routed and usr=2Esbin/route6d=
=2E
Please don't=2E

> >
> > =C2=A0I am still using both of them in production environments because =
they
> > =C2=A0work well at least for my configurations and most of promising
> > =C2=A0alternatives are under GPL, not BSDL=2E
+1 on this=2E

I began using this around FreeBSD 6, and continued using it through 9=2E I
also chose this as a solution for several of my clients=2E I use it because
it's "cheap" -- simple, lightweight, and dependable=2E With near zero
maintenance -- and it's already available in $BASE=2E While fairly utilitaria=
n
by today's standards=2E Sometimes you just need to get the job done, and this
does just that=2E Which IMHO makes this a shinning star=2E
Please don't remove this=2E It's going to make the lives of others a little
more difficult=2E

Thanks for taking time time to read=2E

> That's actually a very good datapoint I certainly missed=2E
> >
> > =C2=A0Why do we need to rush to remove them? Discussion about whether w=
e
> There is no rush=2E In my opinion, popularity&usage of rip is going in one
> direction, for the reasons stated in the original e-mail=2E
> At some point in time it's worth checking the reality and verify whether =
we
> still need it in base or not=2E
> I stated 2 week timeframe (though I admit I wrongly written Jun instead o=
f
> July) for collecting feedback to base a decision upon=2E
> It looks like there is enough feedback already=2E
> > =C2=A0should keep or remove such old bits tends to be controversial whe=
n
> > =C2=A0there is a user like me=2E I would agree with the removal if they w=
ere
> > =C2=A0harmful or impossible to maintain, but would not for the reason t=
hat
> > =C2=A0they are simply old and probably no one uses it today=2E Reason 1 a=
nd
> > =C2=A02 look like the latter at least to me=2E "too old to be worth keepi=
ng"
> > =C2=A0is a matter of degree=2E Uucp, rlogind, and timed should be removed
> > =C2=A0(and were removed) because there are few non-FreeBSD platforms wh=
ich
> > =C2=A0support these protocols=2E RIP is still widely supported---just lik=
e
> > =C2=A0FTP, which nowadays no one prefers to use and major www browsers =
are
> > =C2=A0about to drop the support of---and not be considered an inherentl=
y
> > =C2=A0vulnerable protocol like telnet=2E And keeping these daemons is not
> > =C2=A0harmful even for users who want to use third-party routing daemon=
s
> > =C2=A0you listed=2E
> My concern is hidden housekeeping costs=2E You have to update the
> documentation, where
> it exists=2E There are some bugs and you have to do something there=2E There =
are
> security vulns or Coverity reports=2E
> when you do a change, you have to verify it somehow and you have to tests=
,
> so you have to spend more time=2E
> Each of it is a small thing by itself, but they add up and drain develope=
r
> time=2E
>=20
> >
> > me> 1=2E1=2E Nowadays the daemon name is simply misleading=2E Given situation
> > me> described above, one does expect far wider functionality from the
> > me> program named "route[6]d" than just RIP implementation=2E
> >
> > =C2=A0I do not think this is a good reason to remove something nor peop=
le
> > =C2=A0have got confused actually=2E If this is true, quagga or bird are m=
uch
> > =C2=A0worse=2E
> >
> > me> 2=2E Multiple routing stacks supporting all major routing protocol
> > me> including RIP exists these days: bird, frr, quagga=2E Many BGP-only
> > me> designs in are gaining popularity, so do bgp speakers such as exabg=
p
> > me> or gobgp=2E Nowadays, if one needs dynamic routing on the host, OSPF =
or
> > me> BGP speaker is the choice=2E FreeBSD packages contains well-maintaine=
d
> > me> ports for these=2E Having RIP[ng] speakers in base offers no advantag=
e=2E
> > me>
> > me> 3=2E Both routed/route6d are largely unmaintained [4] and presents an
> > me> additional attack vector=2E Here is the list of last non-trivial comm=
its
> > me> to routed/route6d:
> >
> > =C2=A0I think this is a separate issue=2E What attack vectors which are
> > =C2=A0known to be vulnerable do they have?
> I'm referring to the cases like SA 14:21 or SA 20:12=2E
> >
> > =C2=A0The small commit counts are not equal to its unreliability=2E Older
> > =C2=A0daemons such as ppp(8), dhclient(8), ftpd(8), or bootpd(8) have
> > =C2=A0received few substantial changes in recent years because they are
> > =C2=A0mature=2E
> Well, I see another alternative reason, but that's another discussion :-)
> Also, dhclient got 50 commits in the last 4 years, so I wouldn't put it i=
n
> this list=2E
> >
> > =C2=A0I am not a strong protester and will be happy to keep them as por=
ts
> > =C2=A0if everyone wants to remove them and it will happen, but I would =
like
> > =C2=A0consistent criteria on removing software in the base system (they=
 do
> > =C2=A0not need to be perfect nor strict, though)=2E I believe harmfulness=
 is
> My criteria (briefly) is the "moral" staleness, existence of the viable
> alternatives and no users=2E
> I should have stated the latter more explicitly=2E
> > =C2=A0more important than the fact that it is old or we have more choic=
es
> > =C2=A0in the ports tree=2E If we have negative factors on maintaining the=
m,
> > =C2=A0removing them would be one of the choices as a result=2E If the
> > =C2=A0existing routed/route6d makes difficulty on people who want to us=
e
> > =C2=A0third-party routing daemons, it should be fixed=2E These kind of
> > =C2=A0harmfulness look below the threshold to me at this moment though =
I
> > =C2=A0may be biased because I am still using them today=2E=2E=2E
> >
> > -- Hiroki

--Chris





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4dfcc0c99086b023a1508e5a7f60a0af>