Re: [savnet] A variation of DSAV as a BGP extension

tolidan@tsinghua.edu.cn Tue, 22 March 2022 11:28 UTC

From: <tolidan@tsinghua.edu.cn>
To: "'Lubashev, Igor'" <ilubashe=40akamai.com@dmarc.ietf.org>, <savnet@ietf.org>
Date: Tue, 22 Mar 2022 19:28:19 +0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/savnet/lokFqFBnPZKhenCPkztIikycfmY>

Thanks to Igor for sharing the slides. I've read through them.

DSAV can be realized either as a new protocol or as a new SAFI in BGP.
Actually we also think extending BGP may be easier for deployment
consideration.

In our current design, we mainly pay attention to two aspects.

1) Where to send the SAV notification message? In our current design, each
AS sends the notification along the "real" data-plane forwarding path (AS
path).
2) How to improve the scalability of the protocol by sending as few
notification messages as possible? We use several ways to combine the
protocol messages, which will be described in our BoF meeting on Thursday.

Incentive and incremental deployment require more discussion.

Best,
Dan

-----Original Message-----
From: savnet-bounces@ietf.org <savnet-bounces@ietf.org> On Behalf Of Lubashev, Igor
Sent: March 22, 2022 12:15
To: savnet@ietf.org
Subject: [savnet] A variation of DSAV as a BGP extension

I am glad to see some renewed attention paid to SAV.

Here is a quick proposal I've made on the topic @ IETF-101.
https://datatracker.ietf.org/meeting/101/materials/slides-101-rtgwg-sessb-ingress-filtering-for-asymmetric-routing-01

The quick summary of the above:

1. We have a problem today, because we use the same BGP reachability
advertisements for two separate purposes: advertising reachability and SAV.

2. The proposal is a creation of a new "SAV Allow" SAFI. Advertisements with
"SAV Allow" SAFI are never used for forwarding and can only be used for SAV.
2a. The advertisements are secured against spoofing by all the usual means
that BGP advertisements are secured.
2b. "SAV Allow" SAFI advertisements are transitive, unless a route (a
regular or "SAV Allow") with the same or a shorter prefix is advertised to a
peer. This is because the advertised route already serves the "SAV Allow"
purpose.
2c. Only routers that support "SAV Allow" SAFI get these advertisements.

3. The upside is that this seems like it would solve the SAV problem and use
just a simple BGP extension for it. The downside is that incremental
deployment can only start with the routers that are originating the routes
-- upgrading an intermediary router does no good, unless all routers between
the path originator and itself have been upgraded.
3a. Compared to RFC8704, RFC8704 does not solve SAV completely, but it
allows for a much looser incremental deployment to be useful.

Happy to discuss this more, of course.

- Igor
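
Rules 2b and 2c of the proposal above, plus the ingress check they feed, as an added example that is not part of either message or of any draft. It reads "the same or a shorter prefix" as "a covering prefix"; the function names are hypothetical and the prefixes are constructed from documentation ranges.

```python
import ipaddress


def _covered(prefix, advertised):
    """True if an advertised prefix is equal to or shorter than (covers) prefix."""
    return any(prefix.version == a.version and prefix.subnet_of(a)
               for a in advertised)


def sav_allow_to_send(regular_out, sav_allow_in, peer_supports_safi):
    """Select the "SAV Allow" prefixes to pass on to one peer.

    regular_out  -- prefixes sent to the peer as ordinary reachability routes
    sav_allow_in -- "SAV Allow" prefixes this router holds and could propagate
    """
    if not peer_supports_safi:      # 2c: non-supporting routers get nothing
        return []
    regular = [ipaddress.ip_network(p) for p in regular_out]
    candidates = sorted((ipaddress.ip_network(p) for p in sav_allow_in),
                        key=lambda n: (n.version, n.prefixlen, n.network_address))
    sent = []
    # Shortest prefixes first, so a broad "SAV Allow" suppresses its more-specifics.
    for prefix in candidates:
        # 2b: skip when a regular or "SAV Allow" route to this peer already covers it.
        if not _covered(prefix, regular + sent):
            sent.append(prefix)
    return [str(p) for p in sent]


def source_permitted(src, regular_in, sav_allow_in):
    """Ingress SAV: accept src if the peer advertised a covering prefix of either kind."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p)
               for p in list(regular_in) + list(sav_allow_in))


if __name__ == "__main__":
    # Constructed scenario: one regular route, three candidate "SAV Allow" prefixes.
    out = sav_allow_to_send(["198.51.100.0/24"],
                            ["198.51.100.128/25", "203.0.113.64/26", "203.0.113.0/24"],
                            peer_supports_safi=True)
    print("SAV Allow sent to peer:", out)
    for src in ("203.0.113.70", "198.51.100.9", "192.0.2.1"):
        print(src, "permitted:", source_permitted(src, ["198.51.100.0/24"], out))
```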
