IETF Logo Mail Archive

Re: [sidr] BGPSEC proposal to drop AS_PATH [was: Fwd: request for agenda items for interim meeting 6 Jun]

Jakob Heitz <jakob.heitz@ericsson.com> Wed, 30 May 2012 00:01 UTC

Return-Path: <jakob.heitz@ericsson.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BA6311E8177; Tue, 29 May 2012 17:01:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XM36mkDvyxOp; Tue, 29 May 2012 17:01:53 -0700 (PDT)
Received: from imr4.ericy.com (imr4.ericy.com [198.24.6.9]) by ietfa.amsl.com (Postfix) with ESMTP id 6ACF111E8173; Tue, 29 May 2012 17:01:53 -0700 (PDT)
Received: from eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) by imr4.ericy.com (8.14.3/8.14.3/Debian-9.1ubuntu1) with ESMTP id q4U01mKS027359; Tue, 29 May 2012 19:01:50 -0500
Received: from EUSAACMS0701.eamcs.ericsson.se ([169.254.1.31]) by eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) with mapi; Tue, 29 May 2012 20:01:43 -0400
From: Jakob Heitz <jakob.heitz@ericsson.com>
To: "John G. Scudder" <jgs@bgp.nu>, "sidr@ietf.org list" <sidr@ietf.org>
Date: Tue, 29 May 2012 20:01:42 -0400
Thread-Topic: [sidr] BGPSEC proposal to drop AS_PATH [was: Fwd: request for agenda items for interim meeting 6 Jun]
Thread-Index: Ac094TbBfl3MnBoUTvCChOkF5V/nqwAFG3+A
Message-ID: <7309FCBCAE981B43ABBE69B31C8D213921BFA65FD8@EUSAACMS0701.eamcs.ericsson.se>
References: <5BA9D6DE-BE0E-4922-9E09-7B85BD6F9342@juniper.net> <CE876529-6CDB-44ED-9184-CA73DFD2D048@juniper.net> <C37AE148-0873-4D9A-B1B2-1959A427435D@bgp.nu>
In-Reply-To: <C37AE148-0873-4D9A-B1B2-1959A427435D@bgp.nu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "idr@ietf.org List" <idr@ietf.org>
Subject: Re: [sidr] BGPSEC proposal to drop AS_PATH [was: Fwd: request for agenda items for interim meeting 6 Jun]
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 May 2012 00:01:54 -0000

AS_PATH is used to specify the path that the payload takes.
Signed_AS_PATH is to verify the path that the update message takes.

There is no reason they can not be different. Let the verifying
function take both as input and let it decide based on policy.

An AS could forward an update with a third party nexthop of a third
party AS. The update message does not need to traverse the third
party AS at all, but the payload will. The third party ASN might just
be another ASN that the first party is using: it might be renumbering.
The first party might like to include the third party ASN for
loop detection.

I don't have a specific feature in mind. Just "what if".

On Tuesday, May 29, 2012 2:22 PM, John G. Scudder <> wrote:

> On May 29, 2012, at 2:24 PM, John G. Scudder wrote:
> 
>> It's also worth noting that leaving AS_PATH in would not be without
>> cost. In the cases where the content of AS_PATH is isomorphic to
>> that of BGPSEC_Path_Signatures, there's no problem -- but in those
>> cases AS_PATH clearly could have been left out. In the remaining
>> cases, what is the implementation supposed to do? It would be
>> necessary to carefully specify. The easiest cop-out would be to say
>> that in all such cases, the route fails validation. But I have a
>> feeling that it's not that easy. Leaving AS_PATH out reduces that
>> particular maze of twisty passages, although it replaces it with
>> another: making sure it was really OK to axe AS_PATH to begin with
>> (i.e., the discussion above).          
> 
> In an offline follow-up with Robert Raszuk, he pointed out that when
> one applies a knob that results in an AS_PATH that can't be
> represented as a BGPSEC_Path_Signatures [*] there is a third option,
> that of downgrading from BGPSEC to unsigned BGP. That is to say, you
> convert the BGPSEC_Path_Signatures to an AS_PATH, apply the knob to
> the AS_PATH, and propagate the route with the AS_PATH and not the
> BGPSEC_Path_Signatures. This is functionally equivalent to "in all
> such cases, the route fails validation" but is more straightforward
> and seems to make a lot of sense: everything that can be represented
> signed, should be. If you insist on doing something that can't be
> signed, you can fall back to unsigned BGP and hope for the best.     
> 
> This leaves me feeling a little more sanguine about the
> drop-the-AS_PATH idea, although I still think some more attention to
> enumerating what knobs will fall by the wayside is advisable.  
> 
> --John
> 
> [*] The name of this attribute makes for awkward prose since it has
> no natural singular. How about calling it BGPSEC_Path_Signature
> instead? Or Signed_Path or Signed_AS_Path sans brand name

-- 
Jakob Heitz.

v2.23.0 | Report a Bug | By Email