Re: [GROW] WGLC: draft-ietf-grow-blackholing - ENDS May 20, 2016

[Jeffrey Haas <jhaas@pfrc.org>]

On Fri, May 06, 2016 at 10:51:46AM -0400, Christopher Morrow wrote:
> The authors of: draft-ietf-grow-blackholing had asked for WGLC to be
> started on their document. The abstract is:
> 
>    This document describes the use of a well-known Border Gateway
>    Protocol (BGP) community for blackholing at IP networks and Internet
>    Exchange Points (IXP).  This well-known advisory transitive BGP
>    community, namely BLACKHOLE, allows an origin AS to specify that a
>    neighboring IP network or IXP should blackhole a specific IP prefix.
> 
> The URL to the document:
>   <https://tools.ietf.org/html/draft-ietf-grow-blackholing-00>
> 
> Please have a read, give it some consideration and send
> comments/questions/ACK/NACK back so the authors can adjust course or
> celebrate a process victory over the document snake.

I'm generally supportive of the draft in its current state.  A (re-)read
does cause me to ask the following:

:   BGP speakers SHOULD only accept and honor BGP announcements carrying
:   the BLACKHOLE community if the announced prefix is covered by a
:   shorter prefix for which the neighboring network is authorized to
:   advertise.

The "authorized to advertise" is a bit on the vague end. (I.e. how do you
write code for it?)  Could the authors give a bit more guidance here?  For
example, would an AS_PATH that is a proper prefix of the less specific
route's AS_PATH do?

The incremental deployment case is also a bit ugly.  If this more specific
route is received by a router that doesn't understand the community, it will
instead forward that more specific traffic toward the advertiser.
Presumably it would eventually reach a router that knows what it means and
blackhole it, so it's not tragic as long as the forwarding path in question
can absorb the traffic (which is presumably at DDoS levels).

-- Jeff