Re: [GROW] WGLC: draft-ietf-grow-route-leak-problem-definition (ends: 8/24/2015 - Aug 24)

Job Snijders <job@instituut.net> Fri, 30 October 2015 14:15 UTC

Date: Fri, 30 Oct 2015 15:15:20 +0100
From: Job Snijders <job@instituut.net>
To: Christopher Morrow <christopher.morrow@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/grow/cPX0tGLdbim1T8TX56sAO-ofgyc>
Cc: "grow-chairs@ietf.org" <grow-chairs@ietf.org>, "grow@ietf.org grow@ietf.org" <grow@ietf.org>, "grow-ads@tools.ietf.org" <grow-ads@tools.ietf.org>

Hi all,

On Mon, Aug 10, 2015 at 01:29:41PM -0400, Christopher Morrow wrote:
> Howdy grow folk,
> please consider this a WGLC for:
>   draft-ietf-grow-route-leak-problem-definition
> 
> Abstract:
>   "A systemic vulnerability of the Border Gateway Protocol routing
>    system, known as 'route leaks', has received significant attention in
>    recent years.  Frequent incidents that result in significant
>    disruptions to Internet routing are labeled "route leaks", but to
>    date we have lacked a common definition of the term.  In this
>    document, we provide a working definition of route leaks, keeping in
>    mind the real occurrences that have received significant attention.
>    Further, we attempt to enumerate (though not exhaustively) different
>    types of route leaks based on observed events on the Internet.  We
>    aim to provide a taxonomy that covers several forms of route leaks
>    that have been observed and are of concern to Internet user community
>    as well as the network operator community."
> 
> there have been 3 revisions of this document in the WG, along with 2
> prior to adoption. A new read-through of the document and comments
> prior to sending this along to the IESG would be great!
> 
> Let's get that done in the next 14 days and pass this up the chain for
> further review/comment/process.

I think "type 5: U-Shaped Turn with More Specific Prefix" should be
removed from the document.

Given the description:

    "A multi-homed AS learns a route from one upstream ISP and announces
    a subprefix (subsumed in the prefix) to another upstream ISP."

I'd classify this type of announcement a "hijack" or "attack", not a
route leak.

Also, the two mentioned examples are at odds with each other: in the
first example an artificially crafted AS_PATH is used to exploit AS-PATH
loop detection; in the second example, the more specifics observed by
[Toonk2015-B] were more specifics not crafted by the offending ASN but
by peers of the offending ASN for traffic engineering purposes. Those
peers consciously deaggregated, assuming a limited, regionalized
visibility of said prefixes.

Thoughts?

Kind regards,

Job
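
Added example, not part of the original message or of the draft: a sketch of how an operator could separate the two cases the message contrasts when reviewing what a multi-homed AS sends to its second upstream. It simplifies the distinction to one test, whether the exact more-specific was ever received from a neighbour; the neighbour labels, record layout, prefixes (documentation ranges) and result labels are all constructed for illustration.

```python
import ipaddress

# Constructed sample data. Routes the multi-homed AS has learned,
# tagged with the kind of neighbour they came from.
LEARNED = [
    {"prefix": "198.51.100.0/24",  "from": "upstream-A"},
    {"prefix": "203.0.113.0/24",   "from": "upstream-A"},
    # A peer deaggregated for traffic engineering and sent this /25.
    {"prefix": "203.0.113.128/25", "from": "peer"},
]
# Routes the same AS announces to its other upstream (constructed).
ANNOUNCED_TO_B = ["198.51.100.0/25", "203.0.113.128/25", "192.0.2.0/24"]


def classify(announced, learned, upstream="upstream-A"):
    """Label each announcement sent to the second upstream.

    not-a-subprefix      : no covering route was learned from `upstream`
    leaked-more-specific : subprefix of an upstream route, and the exact
                           prefix was received from another neighbour
    locally-crafted      : subprefix of an upstream route that was never
                           received from anyone, so it was created locally
    """
    nets = [(ipaddress.ip_network(r["prefix"]), r["from"]) for r in learned]
    result = {}
    for prefix in announced:
        net = ipaddress.ip_network(prefix)
        covered = any(
            src == upstream and net != n and net.subnet_of(n)
            for n, src in nets
        )
        if not covered:
            result[prefix] = "not-a-subprefix"
            continue
        received = any(n == net and src != upstream for n, src in nets)
        result[prefix] = "leaked-more-specific" if received else "locally-crafted"
    return result


if __name__ == "__main__":
    for prefix, label in classify(ANNOUNCED_TO_B, LEARNED).items():
        print(f"{prefix:20} {label}")
```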