IETF Logo Mail Archive

Re: [Idr] Route Leaks and solutions

"Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov> Sun, 05 July 2015 21:10 UTC

Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D61FE1A00B0 for <idr@ietfa.amsl.com>; Sun, 5 Jul 2015 14:10:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q1uhKTxwRV37 for <idr@ietfa.amsl.com>; Sun, 5 Jul 2015 14:10:21 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0734.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::734]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4A8C1A006D for <idr@ietf.org>; Sun, 5 Jul 2015 14:10:21 -0700 (PDT)
Received: from CY1PR09MB0793.namprd09.prod.outlook.com (10.163.43.143) by BLUPR09MB005.namprd09.prod.outlook.com (10.255.211.143) with Microsoft SMTP Server (TLS) id 15.1.213.10; Sun, 5 Jul 2015 21:10:16 +0000
Received: from CY1PR09MB0793.namprd09.prod.outlook.com ([10.163.43.143]) by CY1PR09MB0793.namprd09.prod.outlook.com ([10.163.43.143]) with mapi id 15.01.0207.004; Sun, 5 Jul 2015 21:10:16 +0000
From: "Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov>
To: Randy Bush <randy@psg.com>, Susan Hares <shares@ndzh.com>
Thread-Topic: [Idr] Route Leaks and solutions
Thread-Index: AQHQst/YBwy3rwbYakKgtnDiHnHcZp3NZLUJ
Date: Sun, 05 Jul 2015 21:10:15 +0000
Message-ID: <CY1PR09MB0793410DCB344DEB86185F2B84940@CY1PR09MB0793.namprd09.prod.outlook.com>
References: <005901d0b283$ea07bd20$be173760$@ndzh.com>, <m2vbe5vrew.wl%randy@psg.com>
In-Reply-To: <m2vbe5vrew.wl%randy@psg.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;
x-originating-ip: [129.6.218.169]
x-microsoft-exchange-diagnostics: 1; BLUPR09MB005; 5:ri7reYeRqSLtsAlEY0ck/Z8c19miiH3Xjktyfvn9SFyvu0bgflJD5cNtnR2dpUTFqP1uK5NsxgAeniGdit9y3zrfdxg2OcuedSSMdy69o8sGavy0z1ZeM/HLNPRTOrsgMSH8ftstbxODaH00K8foUQ==; 24:UG7yRXb8LWIJTNlNa4gVpzRj3N/lvtl3B6rPdd5j8tv392OjKfNGnfdSHCBGk9NJfD+g4myB+oA1JMLaKcI9tDzPJv/oUypZiR+bBxdDyWs=; 20:3XRYju3QIngBFQGa57kyhVMRhrsH1qRwWHCQW5pA8nERutVtfaYCA4N5W2+fydOj9i2N8mrNRHm+79ZG4TaffA==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR09MB005;
blupr09mb005: X-MS-Exchange-Organization-RulesExecuted
x-microsoft-antispam-prvs: <BLUPR09MB005551B0897AE0F16BBED1184940@BLUPR09MB005.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(5005006)(3002001); SRVR:BLUPR09MB005; BCL:0; PCL:0; RULEID:; SRVR:BLUPR09MB005;
x-forefront-prvs: 062899525A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(92566002)(5001770100001)(76576001)(106116001)(122556002)(40100003)(66066001)(33656002)(46102003)(77156002)(62966003)(99286002)(74316001)(54356999)(76176999)(19580395003)(5002640100001)(50986999)(86362001)(2950100001)(5001960100002)(102836002)(77096005)(87936001)(15975445007)(189998001)(2656002)(5003600100002)(2900100001); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR09MB005; H:CY1PR09MB0793.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jul 2015 21:10:15.6868 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR09MB005
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/09iStnyFLiNlXAiVxG4h0CU9h0E>
Cc: 'idr wg' <idr@ietf.org>, "Montgomery, Douglas" <dougm@nist.gov>, "bdickson@twitter.com" <bdickson@twitter.com>
Subject: Re: [Idr] Route Leaks and solutions
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jul 2015 21:10:24 -0000

Randy,

> 1.  Does the IDR WG think Route leaks should be deployed in two modes:
> With BGPSEC and without BGPSEC?

>without bgpsec, is it an attack vector?

We have tried to address this question in some detail in Section 5.1 of the updated version:

https://tools.ietf.org/html/draft-sriram-idr-route-leak-detection-mitigation-01#section-5 

Please let us know if that seems reasonable or would like to add anything to that discussion.

Sriram

v2.23.0 | Report a Bug | By Email