IETF Logo Mail Archive

Re: [GROW] WGLC: draft-ietf-grow-route-leak-problem-definition (ends: 8/24/2015 - Aug 24)

"Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov> Wed, 04 November 2015 02:50 UTC

Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1DE01A8A6E; Tue, 3 Nov 2015 18:50:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qKTmCDU8aUVp; Tue, 3 Nov 2015 18:49:59 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0142.outbound.protection.outlook.com [207.46.100.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B20301A8A6C; Tue, 3 Nov 2015 18:49:59 -0800 (PST)
Received: from CY1PR09MB0793.namprd09.prod.outlook.com (10.163.43.143) by CY1PR09MB0795.namprd09.prod.outlook.com (10.163.43.145) with Microsoft SMTP Server (TLS) id 15.1.318.15; Wed, 4 Nov 2015 02:49:56 +0000
Received: from CY1PR09MB0793.namprd09.prod.outlook.com ([10.163.43.143]) by CY1PR09MB0793.namprd09.prod.outlook.com ([10.163.43.143]) with mapi id 15.01.0318.003; Wed, 4 Nov 2015 02:49:56 +0000
From: "Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov>
To: Christopher Morrow <christopher.morrow@gmail.com>, Job Snijders <job@instituut.net>, "joelja@bogus.com" <joelja@bogus.com>
Thread-Topic: [GROW] WGLC: draft-ietf-grow-route-leak-problem-definition (ends: 8/24/2015 - Aug 24)
Thread-Index: AQHQ05ItvN1UiXCCvECA/Msg9UXDnZ6Ek6wAgAPCMYCAA1PXpw==
Date: Wed, 04 Nov 2015 02:49:56 +0000
Message-ID: <CY1PR09MB079389D8DA1EC301FCEB75FE842A0@CY1PR09MB0793.namprd09.prod.outlook.com>
References: <CAL9jLaaOPvY2WZtunCOkuuCDV5-Do+cpHBfa8eEhquGdzSLVuA@mail.gmail.com> <20151030141520.GF1334@22.rev.meerval.net>, <CAL9jLaa_GNXRi38-6x4PTs4Dy2T2AAwzmu1ok6QOWERzBshZuQ@mail.gmail.com>
In-Reply-To: <CAL9jLaa_GNXRi38-6x4PTs4Dy2T2AAwzmu1ok6QOWERzBshZuQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kotikalapudi.sriram@nist.gov;
x-originating-ip: [2001:c40:0:3032:6955:a99f:6e8e:271b]
x-microsoft-exchange-diagnostics: 1; CY1PR09MB0795; 5:iKaHuIedLB409Hq/XrZSxZgsBgzL/xyOSaNwmH/0SG1cpIaH3/v8BLWuij2mcIFsJXCMLRkL5egKUCDwDwTUB3a8lRa5bM1xms8R4FZO+i6Dx2QYlSgFp+3VLC5MBOOIfxj9lLgq7H4StQnP38B5WA==; 24:k7eSkjwawhb4ukzFqrXNX1LMMi2vnVy6y+Wv/yczYTb9r5yhlFkvba1mO6bZmHsVJXZLgPy/TvT+4caDcFNR+p2tRCz+Uej7UkcykQ9WtKg=; 20:PzahNvFjKPTejoDsqLcYU2letk+rkpmuCvaN+9DlBjLREp4FadWsNhWAozfsiwo8JHZZGNpOpe+2NxeOtHDK5w==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR09MB0795;
x-microsoft-antispam-prvs: <CY1PR09MB0795BC4B5897AFFF1253E932842A0@CY1PR09MB0795.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(520078)(3002001)(10201501046); SRVR:CY1PR09MB0795; BCL:0; PCL:0; RULEID:; SRVR:CY1PR09MB0795;
x-forefront-prvs: 0750463DC9
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(199003)(5423002)(189002)(106356001)(230783001)(99286002)(87936001)(105586002)(76576001)(106116001)(86362001)(76176999)(5004730100002)(101416001)(50986999)(5007970100001)(54356999)(11100500001)(5001920100001)(40100003)(5002640100001)(92566002)(10400500002)(189998001)(2501003)(122556002)(5001960100002)(5001770100001)(5008740100001)(5003600100002)(102836002)(74316001)(77096005)(2950100001)(2900100001)(33656002)(81156007)(97736004)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR09MB0795; H:CY1PR09MB0793.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Nov 2015 02:49:56.7058 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR09MB0795
Archived-At: <http://mailarchive.ietf.org/arch/msg/grow/O10XUfSfkZIj0hDUy4tuCbBYXOY>
Cc: "grow-chairs@ietf.org" <grow-chairs@ietf.org>, "grow@ietf.org grow@ietf.org" <grow@ietf.org>, "grow-ads@tools.ietf.org" <grow-ads@tools.ietf.org>
Subject: Re: [GROW] WGLC: draft-ietf-grow-route-leak-problem-definition (ends: 8/24/2015 - Aug 24)
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2015 02:50:01 -0000

[Job]
>> Given the description:
>>
>>>     "A multi-homed AS learns a route from one upstream ISP and announces
>>>     a subprefix (subsumed in the prefix) to another upstream ISP."
>>
>> I'd classify this type of announcement a "hijack" or "attack", not a route leak.

[Chris]
>this makes sense to me, this is the equivalent of several well known
>instances of someone's 'internap' box leaking outside their span of
>control. So, I agree this is a hijack, not a leak... though clearly
>the subnets were 'leaked' outside the span of control, the effect is
>really a hijack of the remote prefix.

[Joel Jaeggli]
>hijack is the practical result of the more specific.
 >intent is of course something else.


Job and I discussed this in person, and as I understand he makes the following 
two important points regarding Type 5 (U-Turn with more specific) and 
why perhaps it should be omitted from the list of route-leak types:

1.   In Type 5, the offending AS receives a less specific and crafts an update 
with a more specific (with AS path intact, Kapela-Pilosov style). 
The update with the more specific basically was never announced by 
a neighbor and was not there in the RIB. So it is a newly crafted update, 
and not a route leak as such.

2.   The other instance of Type 5 was that the update with the more specific 
was there in the RIB but only for regional TE purpose, and was not meant 
to be announced via transit, but it was leaked. In this case, 
the leaked more specific route existed in the RIB, and was not crafted. 
The leak, however, can be thought of as a Type 1 (prefix) leak; 
no need to characterize it as a Type 5 (more specific).

 I am OK with Job’s line of reasoning. Hoping this is agreeable to others 
in the WG as well, I will proceed to update the draft to omit Type 5. 
However, if anyone feels there is some merit/rationale to keep Type 5, please speak up. 
Thanks.

 Sriram

v2.23.0 | Report a Bug | By Email