Re: [sidr] Route Leaks and BGP Security

Jakob Heitz <jakob.heitz@ericsson.com> Mon, 21 November 2011 15:14 UTC

Return-Path: <jakob.heitz@ericsson.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E310B21F8B50 for <sidr@ietfa.amsl.com>; Mon, 21 Nov 2011 07:14:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.4
X-Spam-Level:
X-Spam-Status: No, score=-6.4 tagged_above=-999 required=5 tests=[AWL=0.199, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VPSbdlncJnPx for <sidr@ietfa.amsl.com>; Mon, 21 Nov 2011 07:14:36 -0800 (PST)
Received: from imr3.ericy.com (imr3.ericy.com [198.24.6.13]) by ietfa.amsl.com (Postfix) with ESMTP id 3807721F8B49 for <sidr@ietf.org>; Mon, 21 Nov 2011 07:14:36 -0800 (PST)
Received: from eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) by imr3.ericy.com (8.13.8/8.13.8) with ESMTP id pALFEWHK015698 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 21 Nov 2011 09:14:33 -0600
Received: from EUSAACMS0701.eamcs.ericsson.se ([169.254.1.20]) by eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) with mapi; Mon, 21 Nov 2011 10:14:32 -0500
From: Jakob Heitz <jakob.heitz@ericsson.com>
To: Russ White <russw@riw.us>
Date: Mon, 21 Nov 2011 10:15:27 -0500
Thread-Topic: [sidr] Route Leaks and BGP Security
Thread-Index: AcyoYEUxfBChAczhQ0+Gwbdj7quabA==
Message-ID: <FF9A9FC9-6A3E-4263-8490-E5F61172B490@ericsson.com>
References: <20111117040124.18551.47190.idtracker@ietfa.amsl.com> <0863194F-7564-40A9-BB73-ABF8BB97C3AB@tcb.net> <7309FCBCAE981B43ABBE69B31C8D21391A4704525E@EUSAACMS0701.eamcs.ericsson.se> <CAL9jLabbHVauBYUkXCxdpWW90Vt+fMRzATr-aOrdU912ibxJeQ@mail.gmail.com> <4ECA44E2.1050402@riw.us>
In-Reply-To: <4ECA44E2.1050402@riw.us>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] Route Leaks and BGP Security
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Nov 2011 15:14:37 -0000

When S sends a packet to D, that packet should traverse
only ASs that S trusts OR that D trusts. If the packet
traverses an AS that NEITHER S NOR D trusts, then a route
leak has occurred.

I would generally avoid using packet flow models as a way to describe
BGP security issues...

The ultimate goal is to protect the packet flow, so I went back to that to come up with a definition. How to translate that into BGP is just the next step.