Re: [GROW] I-D Action: draft-ietf-grow-as-path-prepending-06.txt
Gyan Mishra <hayabusagsm@gmail.com> Fri, 18 February 2022 22:25 UTC
Return-Path: <hayabusagsm@gmail.com>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8809B3A0A19 for <grow@ietfa.amsl.com>; Fri, 18 Feb 2022 14:25:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OKNPupK6Hg4u for <grow@ietfa.amsl.com>; Fri, 18 Feb 2022 14:24:55 -0800 (PST)
Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5765F3A0B5E for <grow@ietf.org>; Fri, 18 Feb 2022 14:24:55 -0800 (PST)
Received: by mail-pl1-x632.google.com with SMTP id l8so8224806pls.7 for <grow@ietf.org>; Fri, 18 Feb 2022 14:24:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WTRUlPAWuY34ViR7znkwXcqM0gAqPf1cBGXQ6ptXQb4=; b=HUssVhTH0wt6j0EKSaIk13k0fFAURJqtc6gucRa+jrdJJI9tANv2HMaYWNC01g72j2 CsB7JYP70T1nnfMnf7v5At9VoWnyZ8yKdrrmSYUnJcs76avAeKH7K6Y9MCO9m2zC93gA bwlHHmY69fY6rQ1ySBISfy76Uo0bjtlnwCPya+2n2RJWMaz2yEB3H3QWFmMBWuzb6ssH p7075EV0BOTwBbP6MbJ3nnADkguGHAn4G0hgUE+Zl+oaqMOWt2IsE9EA6OH+ThPOtqoz zRkqKef2quJhyLrsYBuKlqZcZcMhk7NB5zTWGRMqjrhxghjjUN1FOph6hcDgw6yEGCgw Ct7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WTRUlPAWuY34ViR7znkwXcqM0gAqPf1cBGXQ6ptXQb4=; b=8R4wKfpuob4q7wxMWIXBscnCd9SYuD5XdL6ac9b66uOL8lHB9bBGUsOauaSObeZih3 PliAHT3cliKd3ZTMO+BLKdtLPF5IFZZ/6m+b9TOuArNku8d4TUL00t5bKaZagIaPw0Es I75NAaoX3Yqd/RMTI6sWzr8slKAaLIiwciFNxUOzRQsgYXuYV4Dn8QdIRjUaxIv+w3wI G7/6dkErqih4P263Z3qkO79M/XB66RraGIAS4BAyupUbgV3EgVz6fjCU5KaB/Vb2xhy8 diO/nZI9SfvmpJ/OIFkxmltKpRzguAIAAh4VKInL603l5Tr4JYzc23d+VAwOnyyL4ghR iRjA==
X-Gm-Message-State: AOAM5312OMhg+oatSbQH4mHSLWoJv1yUJBrfmHFLzZ2tnXht+XeqEMe8 kSv3qdUNoq36PaV3quJw+NwmZ47jLV/saWf0B6M=
X-Google-Smtp-Source: ABdhPJxv1eyYDGSGRwyAr0VkrNSnJ0K+nUONxNW/ZFDb3TAr7zd/cZbvZxnhffUdO4DLPKoDWeglupCHgru6aT/GYOw=
X-Received: by 2002:a17:902:cccc:b0:14e:e89c:c669 with SMTP id z12-20020a170902cccc00b0014ee89cc669mr9571801ple.58.1645223094218; Fri, 18 Feb 2022 14:24:54 -0800 (PST)
MIME-Version: 1.0
References: <164514894189.6906.4983367570049951418@ietfa.amsl.com> <BYAPR13MB258299D3DCB364AC1CCE5DE1F4379@BYAPR13MB2582.namprd13.prod.outlook.com> <20220218.132810.556310822663266439.he@uninett.no> <584C13F2-3D4F-4C42-B04C-7C15B087601F@pfrc.org>
In-Reply-To: <584C13F2-3D4F-4C42-B04C-7C15B087601F@pfrc.org>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Fri, 18 Feb 2022 17:24:42 -0500
Message-ID: <CABNhwV0uXj217fB74_VY6a1u_Ttiqs-MV=mKu4D6XhRf0vsOUQ@mail.gmail.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Cc: Havard Eidnes <he=40uninett.no@dmarc.ietf.org>, grow@ietf.org
Content-Type: multipart/alternative; boundary="0000000000001b72ad05d8525a6c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/grow/JpM0a-oMOyb4kgBr52v4SCJX-NA>
Subject: Re: [GROW] I-D Action: draft-ietf-grow-as-path-prepending-06.txt
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Feb 2022 22:25:02 -0000
Hi Jeffrey & Havard Thank you for the comments. The goal of 3.1 was to graphically depict the how excess as-path prepending and how that could yield or exacerbate prefix hijacking impact downstream consumers of pretending as you stated with ripple effect where a desirable source origin AS becomes de-preferred or hijacked resulting in a route leak. We will also mention using BGP prefix origin validation RFC 6811 to mitigate prefix hijacking resulting in a route leak. The goal of 3.1 was also to shed light on the ripple effects to downstream providers consuming the prepends resulting in extremely long AS path exceeding the 255 max as-path. Also in 3.1 the goal was to depict the impact of “prepend to all” resulting in prefix hijacking due to de-prefer of origin AS route resulting in route leaks. We will make 3.1 more clear in depicting a route leak from prefix hijacking resulting from “prepend to all” excessive prepending. Also remove the 5+1 making it announce six. Many Thanks Gyan On Fri, Feb 18, 2022 at 11:13 AM Jeffrey Haas <jhaas@pfrc.org> wrote: > I support Hávard's observations. > > I'd also like to comment that the notation of "prepends 5" meaning "5 + 1" > is a bit confusing for all of the examples. Consider instead just saying > what the announced as-path length is. Operators prepend 5 because their > intent is "announce 6". :-) > > Rather than try to cast the (very contrived) scenario as a form of route > leaking, I'd suggest the authors focus on the impact of downstream > consumers of the prepending. In particular, the example here simply notes > that the receiving AS had a desire to use one path, but the upstream > providers in executing their own motivations caused them to not have such a > preferable path by default. > > Sadly, too bad for this downstream operator. The more hops away you are > from a given bit of reachability, the less your opinion tends to matter > over what the announcements look like. It's likely time for them to form a > business relationship with the announcing AS or one of their immediate > service provider ASes. (And thus, reinforcing business motivations that > push the AS diameter of the Internet to remain small...) > > -- Jeff > > > > On Feb 18, 2022, at 7:28 AM, Havard Eidnes <he= > 40uninett.no@dmarc.ietf.org> wrote: > > > > Hi, > > > > here are a few comments about section 3.1 in the draft: > > > > Other than the missing comma in the list of routers/ASes, near > > the end there is talk about a route leak. However, I don't think > > what's stated here as a route leak is what's commonly understood > > to be a route leak. > > > > I think a route leak is commonly understood to be when a route is > > announced to a neighbor in violation of the (intended) routing > > policy, i.e. a route leak can be the result of an erroneously > > implemented intended routing policy. I can't see how that's the > > case here, because no routing policy has been expressed for "I". > > This probably means that "I" re-advertises all routes it > > receives, from any edge on any other edge, and therefore by > > definition can't have a "route leak". > > > > It's another matter that the traffic pattern from B to J in the > > stated scenario involves a change to a path which traverses I. > > > > If we instead of "thinking BGP" in the drawing in 3.1, suppose we > > think "RIP with max metric 64" instead. Of course when you > > adjust metrics on any interface in the topology, traffic flows > > will shift around. I can't quite understand when we do the > > similar thing in BGP it's such a big problem? > > > > Admittedly, by prepending outgoing route announcements towards a > > given peer, you only affect "one end of the link", and there's a > > fair chance that asymmetric traffic patterns will result if > > that's the only thing which is done. But... Is that a problem? > > > > I think the problem desribed in section 3.1 could do with a bit > > clearer description of why this is problematical. > > > > Regards, > > > > - Håvard > > > > _______________________________________________ > > GROW mailing list > > GROW@ietf.org > > https://www.ietf.org/mailman/listinfo/grow > > _______________________________________________ > GROW mailing list > GROW@ietf.org > https://www.ietf.org/mailman/listinfo/grow > -- <http://www.verizon.com/> *Gyan Mishra* *Network Solutions A**rchitect * *Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>* *M 301 502-1347*
- [GROW] I-D Action: draft-ietf-grow-as-path-prepen… internet-drafts
- Re: [GROW] I-D Action: draft-ietf-grow-as-path-pr… Michael McBride
- Re: [GROW] I-D Action: draft-ietf-grow-as-path-pr… Havard Eidnes
- Re: [GROW] I-D Action: draft-ietf-grow-as-path-pr… Jeffrey Haas
- Re: [GROW] I-D Action: draft-ietf-grow-as-path-pr… Gyan Mishra