Re: [Idr] WG Adoption call draft-ymbk-idr-bgp-open-policy - (6/6 to 6/20/2016)

"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Fri, 17 June 2016 17:06 UTC

To: "aa@qrator.net" <aa@qrator.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/2s_sPNu22oCOEN0IK93XjH96Umk>
Cc: "idr@ietf.org" <idr@ietf.org>, "draft-ietf-idr-route-leak-detection-mitigation@ietf.org" <draft-ietf-idr-route-leak-detection-mitigation@ietf.org>, Susan Hares <shares@ndzh.com>

Alexander,

Sorry for the delay in my response.

>In our proposal, AS2 would set OTC flag only if AS3 is not supporting roles,
>and this can easily be retrieved from OPEN message.
>So the problem is not with per-update basis approach,
-- snip --

In the SIDR/IDR/GROW WGs, the design choice of per-update vs. per-hop
was discussed at least since 2012. I tried to explain the rationale for
per-hop RLP attribute in my response to Eric with a simple example:
http://www.ietf.org/mail-archive/web/idr/current/msg15775.html

>When dealing with route leaks it’s important to solve the problem. Not just detect it.
-- snip --

[route-leak-detection-mitigation] does not ignore prevention/mitigation of route leaks.
Section 3.2 deals with intra-AS messaging for route leak prevention.
And the approach recommended there is based on the common practice approach
of major ISPs (please see the recent NANOG thread on this topic).
Also, Section 3.4 is about “Possible Actions at a Receiving Router for Mitigation.”
I was only making the well-appreciated point that the solution should put
more emphasis on prevention and detection, but the mitigation (following detection)
needs to allow *operator preferences* for how to handle externally (eBGP) learned routes
that are detected and marked as route leaks.

Sriram