Re: [Idr] draft-ymbk-l3vpn-origination-00.txt

Randy Bush <randy@psg.com> Tue, 16 October 2012 03:41 UTC

Date: Mon, 15 Oct 2012 17:41:52 -1000
Message-ID: <m2y5j7gk1r.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Robert Raszuk <robert@raszuk.net>
Subject: Re: [Idr] draft-ymbk-l3vpn-origination-00.txt
In-Reply-To: <CA+b+ERk7dzBFLFN7BGEEg7aj0ymoh50GKbMB6CGxCXWqaCCuUg@mail.gmail.com>
References: <20121015175711.5993.31704.idtracker@ietfa.amsl.com> <m2391flias.wl%randy@psg.com> <CA+b+ERk7dzBFLFN7BGEEg7aj0ymoh50GKbMB6CGxCXWqaCCuUg@mail.gmail.com>
Cc: idr wg <idr@ietf.org>, L3VPN <l3vpn@ietf.org>, pmehta@cisco.com, luay.jalil@verizon.com

thanks for review!

>    This document describes how the originating PE, West, may sign the
>    announcement so that the destination PE, East, may authenticate the
>    NLRI and the Route Distinguisher (RD), see RFC 4364 [RFC4364]
> 
> Let me point out that West PE is not the originator of the route
> advertisement, nor is East PE the destination. Originator and
> destination are the corresponding CEs on both sides.

good catch!

> With this in mind let me also point out that RFC4364 VPN sites very
> often use private addresses which are never part of any public RPKI
> for one simple reason that public RPKI has no notion of RDs to make
> such prefixes unique.

if they want to use the rpki, then, just as other rpki publishers using
1918 space, they would have local trust anchors and certify the private
space.  see draft-ietf-sidr-ltamgmt.

> Last let me point out also that RFC4364 defines CSC interconnect model
> which this draft also does not comment on.

more specific cite, please?  thanks.

randy
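The point Robert raises above (public RPKI has no notion of RDs, so overlapping RFC 1918 space in different VPNs cannot be told apart) and Randy's answer (certify the private space under a local trust anchor) can be made concrete. The following is an added example, not code from the draft, from the thread, or from any RPKI implementation. It decodes RFC 4364 VPN-IPv4 NLRI (label stack, 8-byte RD, prefix) and then runs an RFC 6811-style origin check twice: once against a constructed prefix/origin table in the shape of public ROAs, and once against a hypothetical locally anchored table keyed by (RD, prefix, origin). The RD-keyed table is an assumption made for illustration; neither draft-ymbk-l3vpn-origination nor draft-ietf-sidr-ltamgmt defines such a record. The NLRI bytes and both tables are constructed here.

```python
"""Added example: VPN-IPv4 NLRI decoding and RD-aware vs prefix-only origin checks.

Not the draft's mechanism.  The (RD, prefix, origin) table is a hypothetical
stand-in for what a site might certify under a local trust anchor; public ROAs
(RFC 6482) carry no RD at all.  All sample bytes and tables are constructed.
"""
import ipaddress
import struct


def parse_rd(rd: bytes) -> str:
    """Decode an 8-byte Route Distinguisher (RFC 4364 section 4.2) to text."""
    if len(rd) != 8:
        raise ValueError("RD must be 8 bytes")
    rd_type = struct.unpack("!H", rd[:2])[0]
    if rd_type == 0:                            # 2-byte ASN : 4-byte assigned number
        admin, assigned = struct.unpack("!HI", rd[2:])
        return f"{admin}:{assigned}"
    if rd_type == 1:                            # IPv4 address : 2-byte assigned number
        admin = ipaddress.IPv4Address(rd[2:6])
        assigned = struct.unpack("!H", rd[6:])[0]
        return f"{admin}:{assigned}"
    if rd_type == 2:                            # 4-byte ASN : 2-byte assigned number
        admin, assigned = struct.unpack("!IH", rd[2:])
        return f"{admin}:{assigned}"
    raise ValueError(f"unknown RD type {rd_type}")


def parse_vpnv4_nlri(entry: bytes):
    """Decode one MP_REACH_NLRI entry for AFI 1 / SAFI 128.

    Layout: 1-byte length in bits, then one or more 3-byte MPLS labels (the
    last one carries the bottom-of-stack bit), the 8-byte RD, and the prefix
    bits padded to a byte boundary (RFC 4364 section 4.3.4).
    Returns (labels, rd_text, IPv4Network).
    """
    total_bits = entry[0]
    body = entry[1:1 + (total_bits + 7) // 8]
    labels, pos = [], 0
    while True:
        raw = body[pos:pos + 3]
        labels.append(int.from_bytes(raw, "big") >> 4)   # top 20 bits are the label
        pos += 3
        if raw[2] & 0x01:                                  # bottom of stack
            break
    rd = parse_rd(body[pos:pos + 8])
    pos += 8
    prefix_len = total_bits - pos * 8
    if not 0 <= prefix_len <= 32:
        raise ValueError("bad prefix length")
    addr = body[pos:].ljust(4, b"\x00")[:4]
    # strict=True rejects non-zero host bits, i.e. malformed padding.
    return labels, rd, ipaddress.IPv4Network((addr, prefix_len))


def origin_validate(records, prefix, origin, rd=None):
    """RFC 6811-style result: 'valid', 'invalid' or 'not-found'.

    records are (rd_or_None, prefix, max_len, origin_as).  Public-RPKI-style
    records carry rd=None; the hypothetical local records carry the RD text,
    and only records with the same RD count as covering.
    """
    covering = [r for r in records if r[0] == rd and prefix.subnet_of(r[1])]
    if not covering:
        return "not-found"
    for _rd, _pfx, max_len, roa_as in covering:
        if roa_as == origin and prefix.prefixlen <= max_len:
            return "valid"
    return "invalid"


# Constructed: two customers, both using 10.1.0.0/16 (RFC 1918), CE origins 65001 / 65002.
PUBLIC_ROAS = [
    (None, ipaddress.IPv4Network("10.1.0.0/16"), 16, 65001),
    (None, ipaddress.IPv4Network("10.1.0.0/16"), 16, 65002),
]
LOCAL_TABLE = [                                # hypothetical, RD-qualified
    ("65000:1", ipaddress.IPv4Network("10.1.0.0/16"), 16, 65001),
    ("65000:2", ipaddress.IPv4Network("10.1.0.0/16"), 16, 65002),
]
# Constructed NLRI: 104 bits = label (BoS set) + RD type 0 + 10.1/16.
NLRI_A = bytes.fromhex("68 000641 0000fde800000001 0a01")   # label 100, RD 65000:1
NLRI_B = bytes.fromhex("68 000c81 0000fde800000002 0a01")   # label 200, RD 65000:2


def demo():
    """Map (vpn, claimed origin) -> (prefix-only result, RD-aware result)."""
    results = {}
    for name, nlri in (("A", NLRI_A), ("B", NLRI_B)):
        _labels, rd, prefix = parse_vpnv4_nlri(nlri)
        for origin in (65001, 65002):
            results[(name, origin)] = (
                origin_validate(PUBLIC_ROAS, prefix, origin),
                origin_validate(LOCAL_TABLE, prefix, origin, rd),
            )
    return results


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, "prefix-only:", val[0], " RD-aware:", val[1])
```

The interesting rows are the cross-customer ones: with only prefix and origin to go on, customer B's CE (AS 65002) announcing 10.1.0.0/16 is "valid" for customer A's prefix too, because a ROA for that prefix and origin exists somewhere in the table; once the RD is part of the key, the same announcement is "invalid" against RD 65000:1. That is the gap Robert describes, and it is why any certification of private space for L3VPN has to bind the RD as well as the prefix.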