Re: [GROW] ISC Response to draft-ietf-grow-unique-origin-as
Leo Bicknell <bicknell@isc.org> Thu, 29 September 2011 19:06 UTC
Return-Path: <bicknell@isc.org>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1475521F8F42 for <grow@ietfa.amsl.com>; Thu, 29 Sep 2011 12:06:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.616
X-Spam-Level:
X-Spam-Status: No, score=-5.616 tagged_above=-999 required=5 tests=[AWL=4.383, BAYES_00=-2.599, J_CHICKENPOX_43=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bpb-dLTgbwJP for <grow@ietfa.amsl.com>; Thu, 29 Sep 2011 12:05:47 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) by ietfa.amsl.com (Postfix) with ESMTP id EED1521F8F31 for <grow@ietf.org>; Thu, 29 Sep 2011 12:05:47 -0700 (PDT)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "bikeshed.isc.org", Issuer "ISC CA" (verified OK)) by mx.pao1.isc.org (Postfix) with ESMTPS id 834BFC9428; Thu, 29 Sep 2011 19:07:06 +0000 (UTC) (envelope-from bicknell@isc.org)
Received: by bikeshed.isc.org (Postfix, from userid 10294) id 6DCD9216C56; Thu, 29 Sep 2011 19:07:06 +0000 (UTC)
Date: Thu, 29 Sep 2011 19:07:06 +0000
From: Leo Bicknell <bicknell@isc.org>
To: Danny McPherson <danny@tcb.net>
Message-ID: <20110929190706.GA84607@bikeshed.isc.org>
References: <20110928193323.GA57548@bikeshed.isc.org> <CC4CB415-C615-4379-842F-2177B333D380@tcb.net> <20110928235156.GA65454@bikeshed.isc.org> <352BFFD6-B2C3-4ACD-96C1-46F28B5E5719@tcb.net> <20110929130632.GA76531@bikeshed.isc.org> <E6D92094-5836-4BB8-8E3A-5F620AA67696@tcb.net> <20110929133512.GA77671@bikeshed.isc.org> <10DB5C60-A228-4877-9EF0-F14F20DB06F5@tcb.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <10DB5C60-A228-4877-9EF0-F14F20DB06F5@tcb.net>
Organization: Internet Systems Consortium, Inc
Cc: "grow@ietf.org grow@ietf.org" <grow@ietf.org>
Subject: Re: [GROW] ISC Response to draft-ietf-grow-unique-origin-as
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/grow>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Sep 2011 19:06:04 -0000
In a message written on Thu, Sep 29, 2011 at 11:22:45AM -0400, Danny McPherson wrote: > With normal unicast there's a single tree for the prefix in the routing > system, while anycasting inherently introduces a polytree for the prefix. > However, anycasting with a common origin AS creates a 'pseudo AS' at the > root of the graph (i.e., the illusion of a single tree). By doing what > you describe, you force anyone doing routing system analysis to know 'a > priori' which prefixes employ a pseudo AS at the root of the tree - only > so that they can step deeper into the tree, to the actual polytree roots, > and then evaluate the adjacent nodes of those roots. This is particularly > problematic when new nodes are introduced to the system. I'm sure you have studied this in great detail, and so I will simply assume you're correct that the method described is easier when writing a program to find hijacked routes. However, that is a small part of operating an Anycast system. Far more frequently than I help folks find hijacked routes (which are fortunately rare) I help troubleshoot ordinary performance problems. It's far easier for me to say "send me show ip bgp regex _3557$" and get all the info I need than send a list of routes (3 in our case) or local ASN's (about 55 in our case). The same goes for when I'm looking at various looking glasses to see what is going on. I also think, and this is totally subjective, that it is easier to explain to folks on the phone, particularly folks with no Anycast experience. They can just pretend in their mind that 3557 is one big global network that peers in a lot of places and their mental image is complete. So even if I spot you that it makes it easier for a third party to programmatically detect hijacks I don't think that's enough alone to rise to calling this method the "best current practice", which is the path this draft is on. It has impacts on day to day operations (including things like the inconsistent asn reports) that also need to be weighed. But, I think we've both overmade our points. I also realize I was late to this game, you can't watch everything in every group all the time. I think the question is if anyone else on the list cares one way or another, because if no other opinions have been changed we might as well stop. -- Leo Bicknell; E-mail: bicknell@isc.org, Phone: +1 650 423 1358 INOC*DBA *3357*592; Internet Systems Consortium, Inc. www.isc.org
- [GROW] ISC Response to draft-ietf-grow-unique-ori… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Danny McPherson
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Danny McPherson
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Danny McPherson
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Danny McPherson
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Christopher Morrow
- Re: [GROW] ISC Response to draft-ietf-grow-unique… John Kristoff
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Christopher Morrow
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Danny McPherson
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Christopher Morrow
- Re: [GROW] ISC Response to draft-ietf-grow-unique… Leo Bicknell