[Idr] Re: BGP Origin Scrubbing (draft-marenamat-idr-scrub-bgp-origin-00)
David Farmer <farmer@umn.edu> Tue, 04 November 2025 00:54 UTC
Return-Path: <farmer@umn.edu>
X-Original-To: idr@mail2.ietf.org
Delivered-To: idr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 8A8C082110D2 for <idr@mail2.ietf.org>; Mon, 3 Nov 2025 16:54:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.396
X-Spam-Level:
X-Spam-Status: No, score=-4.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=umn.edu
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i85RA7TMWeUh for <idr@mail2.ietf.org>; Mon, 3 Nov 2025 16:54:27 -0800 (PST)
Received: from mta-p7.oit.umn.edu (mta-p7.oit.umn.edu [134.84.196.207]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id EDB0C82110BF for <idr@ietf.org>; Mon, 3 Nov 2025 16:54:26 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mta-p7.oit.umn.edu (Postfix) with ESMTP id 4d0qj84mnhz505YV for <idr@ietf.org>; Mon, 3 Nov 2025 18:54:20 -0600 (CST)
X-Virus-Scanned: amavis at umn.edu
Received: from mta-p7.oit.umn.edu ([127.0.0.1]) by localhost (mta-p7.oit.umn.edu [127.0.0.1]) (amavis, port 10024) with ESMTP id 5jbK5vohSHTk for <idr@ietf.org>; Mon, 3 Nov 2025 18:54:20 -0600 (CST)
Received: from mail-io1-f69.google.com (mail-io1-f69.google.com [209.85.166.69]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mta-p7.oit.umn.edu (Postfix) with ESMTPS id 4d0qj82Q9Yz504Lt for <idr@ietf.org>; Mon, 3 Nov 2025 18:54:20 -0600 (CST)
DMARC-Filter: OpenDMARC Filter v1.4.2 mta-p7.oit.umn.edu 4d0qj82Q9Yz504Lt
Authentication-Results: mta-p7.oit.umn.edu; dmarc=pass (p=reject dis=none) header.from=umn.edu
Authentication-Results: mta-p7.oit.umn.edu; spf=pass smtp.mailfrom=umn.edu
DKIM-Filter: OpenDKIM Filter v2.11.0 mta-p7.oit.umn.edu 4d0qj82Q9Yz504Lt
Authentication-Results: mta-p7.oit.umn.edu; dkim=pass (2048-bit key, unprotected) header.d=umn.edu header.i=@umn.edu header.a=rsa-sha256 header.s=google header.b=VeB9DjKD
Received: by mail-io1-f69.google.com with SMTP id ca18e2360f4ac-93e8839f138so494728639f.2 for <idr@ietf.org>; Mon, 03 Nov 2025 16:54:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; t=1762217660; x=1762822460; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=26iaiAVbHSevL4i1G286Ma+zDLrvy1F4rXH9Ps2S9cg=; b=VeB9DjKDX6aDa/nE0OoFhEWIjXJ8ikPDdgv6PiB8Pr41/9oIX1oVfeMOmEfhrNflUG egFc8OPNnl4EGcCdg7j9uisfKZbbvexs/DKfK5UtSPDaEMnejxWuzFTmAGzsPAQY4hJU 1Lka+dUpf6eBY/ZiQUtED5MffiYjnEfoDEwErP44U8mj/Gs5dkymLgWdzR4SG4GpgY5l JoApvwLtpFnpSO04p848aztff7M1aOF1vJgGFsQeyEdd8luIu+fNZ0qwQQSIrylVWp7M DdbGURss4v/8G/tHP+HMZf4ypQQ0LcQHTN9Rhw59pUs8RadzZPs015OpWvEg98l5afDe PcEw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1762217660; x=1762822460; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=26iaiAVbHSevL4i1G286Ma+zDLrvy1F4rXH9Ps2S9cg=; b=NOKFZcDLFZfExfa4Fogu3lV4b4qN+05Mt2HX15S9BLrNyNqG3jU2alfWseczL92STM YGhr3ipsxRMl18tClDmhkR37cDQYEGpUhLx6qj+5K85m/xZ/pOkXIqDqbizLhWxdqu4F NRV1J+ouA8Za+LcRb1C5/G2E2Mgp+aDXsoCIBRFE06ry1dG/7oDlv+MgpFZoY+rU9Kip YBrO4ozm4RisbCcZTsnEEmEljiC+Q78a9fjTFvgD2LjzcQQ0NWTcz0sAycO7u9ig3yjd +jAyD2fcL9BOeaA6BcIEeWqy4AqtCHAfJOuvyWD4AL4VAR2MNtsqM3m+dirLW/KCXbNw mPBA==
X-Forwarded-Encrypted: i=1; AJvYcCWdcAX0eI4Xo1DA5BpqF6N6xJvA9VP4aH6b2/RJHuRY9ZXD9YLBdi+TCNSEQSPkr1Bn2jg=@ietf.org
X-Gm-Message-State: AOJu0YwCfTGrPEz7s1w+RY8ModXoRN3jnz6LoDiMLXvWdIh9kB/P0f5+ iL/TIuKXYi0H4oTdPPH0e3bMxYUdkdJSdElU+5YhWHrYQkGR3fbXNLPhkh6X/aS7U46nPCmqiec m/spJR4ydMFIAyDeWKPInpuJISIOCEmdnCZvkHYTIDoB5B49wylJ3YVXxP1g4+wWYvxkW5QNmFg Xt1C4+Cjj7ipN/bb5jY13XNr4=
X-Gm-Gg: ASbGnctbrZrDQYKwLF/yETxLjYS7zpAKS59ZLaFhsUdY7G7VVkg7eKLFKngnS+N4zsb eGW6T0cq1Q55GtV3U369x/wkk1f283xwS2Xbewb8Uohy7xyT8LufVTK9yt+yCf5vQHv7jFYgEhc BwkQ/X1+p3uGew2uIg44tmsoNiw2Pa/qbaPq9V0QG/hRo9vACBMjXfZG0rbd12n3dMCm6CP6C6B RozlnTG/Q5zcos=
X-Received: by 2002:a05:6e02:b4f:b0:433:3048:55ec with SMTP id e9e14a558f8ab-433304857acmr66106875ab.27.1762217659763; Mon, 03 Nov 2025 16:54:19 -0800 (PST)
X-Google-Smtp-Source: AGHT+IHyjwGl+UnCnG0IWkHf+/VtVWhSuL+Trcp2Vo9yvl1sBVf9kigUNPKJQdSQZxHFNia9RLvdFtMBhYcuTj/bJk0=
X-Received: by 2002:a05:6e02:b4f:b0:433:3048:55ec with SMTP id e9e14a558f8ab-433304857acmr66106705ab.27.1762217659369; Mon, 03 Nov 2025 16:54:19 -0800 (PST)
MIME-Version: 1.0
References: <176220981836.503762.16382714890971746625@dt-datatracker-5df8666cb-7l4w5> <aQkxNvBHOa7tNRn0@struhadlo.private.jmq.cz> <aQk9HUxDgE6VtycZ@shrubbery.net> <CAOj+MMGxwyBiMm+OTF-LuB1hpvpwmad4PxbUtK3UB4vpMBTM7A@mail.gmail.com>
In-Reply-To: <CAOj+MMGxwyBiMm+OTF-LuB1hpvpwmad4PxbUtK3UB4vpMBTM7A@mail.gmail.com>
From: David Farmer <farmer@umn.edu>
Date: Mon, 03 Nov 2025 18:54:08 -0600
X-Gm-Features: AWmQ_bkBorw8wwXoHxe-vvvMmzH_tg5QMA504Buy5DZxlgGV7MnqUANAR28342w
Message-ID: <CAN-Dau3kvdfGVsQzzeKu30G2M2kaAkYcHDt9FPrn9fjnvHZcGw@mail.gmail.com>
To: Robert Raszuk <robert@raszuk.net>
Content-Type: multipart/alternative; boundary="0000000000009a9b250642ba45a5"
Message-ID-Hash: JHHMTU5X5INU2ZRPGVYMEOIWJRHSD2OB
X-Message-ID-Hash: JHHMTU5X5INU2ZRPGVYMEOIWJRHSD2OB
X-MailFrom: farmer@umn.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-idr.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: heasley <heas@shrubbery.net>, Maria Matejka <maria.matejka=40nic.cz@dmarc.ietf.org>, idr@ietf.org, Alexander Zubkov <green@qrator.net>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Idr] Re: BGP Origin Scrubbing (draft-marenamat-idr-scrub-bgp-origin-00)
List-Id: Inter-Domain Routing <idr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/D3rfeeSHppGToF_YCfWLR0PMyfo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Owner: <mailto:idr-owner@ietf.org>
List-Post: <mailto:idr@ietf.org>
List-Subscribe: <mailto:idr-join@ietf.org>
List-Unsubscribe: <mailto:idr-leave@ietf.org>
“MUST NOT” is not going to change anything at this point. It’s not going to make us into the protocol police, but would make us into protocol nannies, waging our finger ISPs. So let’s NOT! Changing the Origin Type doesn’t break the protocol, and if fact I would argue it is using the protocol as it is intended. I think the RIPE presenter has the right idea, default to setting the Origin Type to IGP, but provide an opt out for customers. But I do think the use of EGP in the wild is kind of weird. Thanks On Mon, Nov 3, 2025 at 18:01 Robert Raszuk <robert@raszuk.net> wrote: > Hi, > > Reading the RIPE91 slides from James in search for justification of this > idea behind this draft it seems that the real issue is that some Tier1s are > overwriting ORIGIN Attribute. > > So if anything I would suggest to open a github ticket towards RFC4271bis > to make change in section 5.1.1: > > from: > > Its value SHOULD NOT be changed by any other speaker. > > changed into: > > Its value MUST NOT be changed by any other speaker. > > Regards, > Robert > > On Tue, Nov 4, 2025 at 12:37 AM heasley <heas@shrubbery.net> wrote: > >> Mon, Nov 03, 2025 at 11:48:22PM +0100, Maria Matejka: >> > > The BGP Origin attribute in its original meaning has been out of >> use >> > > for years. Yet, the BGP Origin attribute has high priority in the >> > > best route selection algorithm, right after the AS Path length, and >> > > it's being used inconsistently over the Internet to manipulate the >> > > route preference. >> >> Yes, it is being used to affect route selection. There are few knobs that >> one can turn for that purpose. I suggest that the attribute be left >> alone. >> >> _______________________________________________ >> Idr mailing list -- idr@ietf.org >> To unsubscribe send an email to idr-leave@ietf.org >> > _______________________________________________ > Idr mailing list -- idr@ietf.org > To unsubscribe send an email to idr-leave@ietf.org >
- [Idr] BGP Origin Scrubbing (draft-marenamat-idr-s… Maria Matejka
- [Idr] Re: BGP Origin Scrubbing (draft-marenamat-i… Robert Raszuk
- [Idr] Re: BGP Origin Scrubbing (draft-marenamat-i… Gert Doering
- [Idr] Re: BGP Origin Scrubbing (draft-marenamat-i… heasley
- [Idr] Re: BGP Origin Scrubbing (draft-marenamat-i… Robert Raszuk
- [Idr] Re: BGP Origin Scrubbing (draft-marenamat-i… David Farmer