IETF Logo Mail Archive

Re: [GROW] WGLC: draft-ietf-grow-route-leak-problem-definition (ends: 8/24/2015 - Aug 24)

Jeffrey Haas <jhaas@pfrc.org> Tue, 29 September 2015 20:42 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D7961B2A1E; Tue, 29 Sep 2015 13:42:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.321
X-Spam-Level:
X-Spam-Status: No, score=0.321 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, IP_NOT_FRIENDLY=0.334, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uV4VGpWyto67; Tue, 29 Sep 2015 13:42:28 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 5F7311B2A1B; Tue, 29 Sep 2015 13:42:28 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 4E0AF1E386; Tue, 29 Sep 2015 16:46:13 -0400 (EDT)
Date: Tue, 29 Sep 2015 16:46:13 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: Christopher Morrow <christopher.morrow@gmail.com>
Message-ID: <20150929204612.GC5754@pfrc.org>
References: <CAL9jLaaOPvY2WZtunCOkuuCDV5-Do+cpHBfa8eEhquGdzSLVuA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAL9jLaaOPvY2WZtunCOkuuCDV5-Do+cpHBfa8eEhquGdzSLVuA@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <http://mailarchive.ietf.org/arch/msg/grow/6VuT9v4DLQj-_g-3r_Hq6rJJ4WM>
Cc: "grow-chairs@ietf.org" <grow-chairs@ietf.org>, "grow@ietf.org grow@ietf.org" <grow@ietf.org>, "grow-ads@tools.ietf.org" <grow-ads@tools.ietf.org>
Subject: Re: [GROW] WGLC: draft-ietf-grow-route-leak-problem-definition (ends: 8/24/2015 - Aug 24)
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Sep 2015 20:42:29 -0000

On Mon, Aug 10, 2015 at 01:29:41PM -0400, Christopher Morrow wrote:
> Howdy grow folk,
> please consider this a WGLC for:
>   draft-ietf-grow-route-leak-problem-definition

I'm late as usual. :-)

Please consider updating the "replaces-by" for the draft to the original
draft-sriram...

In general, this document is clear and very well written.  It does an
excellent job at summarizing the landscape for route-leaks and provides lots
of citations (which I haven't validated for correctness vs. the issues) for
study.  

The majority of my comments are minor terminology tweaks, some additional
explanations which might or might not be useful content and one discussion
point for re-organizing some of the types.

I'm supportive of this document moving forward even if my comments were not
immediately addressed. 

----

In your section on "type 2", where you use the term "aggregates", consider
normalizing your terminology on "more specific" and "less specific" routes.
While aggregate is semantically clear in this section, aggregation is often
considered in the context of taking multiple more-specific prefixes and
generating a new, less specific prefix.

Type 3 attacks may also be called a "re-origination" attack.  Consider
working that into the text, please.  

One potential source of type 3 attacks may occur when BGP routing
information is redistributed into a non-BGP protocol and then later
taken from that protocol and redistributed.  E.g. BGP->OSPF->BGP.  The
wisdom of ever redistributing BGP into other protocols is left for a
different rant.

Similar to my comment on type 2, Type 4 is treating the matter as a
"de-aggregation" rather than simply announcing internal more specific
routes.  Some of this is perspective, as seen by a receiver, but
understanding the issue is perhaps better done from the perspective of the
originator.

One source of type 4 issues have included how some older vendor implementations
handled its configuration, leading to a trasient announcement of the more
specifics.  A related one may be related to intentional generation of less
specifics from internal more specifics.  In this case, routes contributing
to the aggregate are configured with policy that is intended to suppress
contributing routes, but such policy is only effective after the less
specific aggregate route is created; this creation may lag for various
implementation reasons.

Consider s/prefix-routes/routes/.  The prefix- seems a bit redundant, at
least in a BGP routing context.

Types 5,6 and 7 are effectively forms of type 1.  The only thing varying is
the *context* of the leaked route source AS and destination AS roles.
Perhaps it's worth considering re-grouping the four sections in a way that
highlights that?


-- Jeff

v2.23.0 | Report a Bug | By Email