Re: [sidr] pCNT & (AS_PATH) prepending: Is it in scope?

Stephen Kent <> Mon, 01 August 2011 21:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0CCFB21F8CE1 for <>; Mon, 1 Aug 2011 14:19:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -106.572
X-Spam-Status: No, score=-106.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id eHyiiZIdvfli for <>; Mon, 1 Aug 2011 14:19:00 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 7E55E21F8C90 for <>; Mon, 1 Aug 2011 14:19:00 -0700 (PDT)
Received: from ([]:58073 helo=[]) by with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <>) id 1QnztA-000NrE-HW; Mon, 01 Aug 2011 17:19:04 -0400
Mime-Version: 1.0
Message-Id: <p06240801ca5cc6f407b3@[]>
In-Reply-To: < >
References: <> <> < >
Date: Mon, 01 Aug 2011 17:18:51 -0400
To: Jakob Heitz <>
From: Stephen Kent <>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: "" <>
Subject: Re: [sidr] pCNT & (AS_PATH) prepending: Is it in scope?
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 01 Aug 2011 21:19:01 -0000

At 3:16 PM -0400 8/1/11, Jakob Heitz wrote:
>It is easy enough to tell, but should we?
>It is also easy to protect other bgp attributes that affect path selection.

maybe, or maybe not. The AS path info can be protected using the RPKI,
because each ISP gets a cert that enumerates all AS#'s associated 
with that ISP.
So, when a router signs an AS path entry, the authorization of the 
router to represent can be verified using the RPKI data.  Other 
attributes may not
correspond to data that we can verify, based on the RPKI.

>However, the real question is:
>Do we want to invalidate an update if someone changes such an attribute?

in the case of As path, sinec we know that ISPs make use of AS path to
distinguish between different routes for the same prefix, it makes sense to
reject (or at least penalize locally) a route if the path sig data is invalid.

>Remember, if we send a route to an AS, even if it is less preferred
>than another route, then that route will be used if the preferred route
>becomes infeasible.

More precisely, the route MAY become the preferred route if the previous
preferred route becomes ...

>Therefore, there is not as much value in
>protecting attributes as there is in protecting the path.

I don't agree.  because the AS path length if a very important attribute
in pat selection, it merits protection.

>I thought there was a statement some time ago that we only protect
>the path, not the attributes.

that have been a lot of statements on this list over time :-).

>A prepend is not a change in path. It is more like an attribute.

Prepedning is a way that ISP use BGP to effect traffic engineering,
at a distance.  A route, technically, is a set of prefixes (NLRI) plus
an AS path.  I believe we are trying to protect routes. Biut I agree that
we ought to be more precise in the way we say this.