Re: [sidr] draft-sriram-bgpsec-design-choices-00 -- IXP and Route Server
Robert Raszuk <raszuk@cisco.com> Fri, 08 July 2011 14:05 UTC
Return-Path: <raszuk@cisco.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46CCB21F871A for <sidr@ietfa.amsl.com>; Fri, 8 Jul 2011 07:05:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=-4.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jrvqlqkupmtu for <sidr@ietfa.amsl.com>; Fri, 8 Jul 2011 07:05:01 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 82A4A21F8509 for <sidr@ietf.org>; Fri, 8 Jul 2011 07:05:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=raszuk@cisco.com; l=953; q=dns/txt; s=iport; t=1310133901; x=1311343501; h=message-id:date:from:reply-to:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=H70bwIVZGNZeprl8hirqFIGYVBuUZZZo7dGj+CV0MEk=; b=dJBDlzHtrpVSnIP8ofGNkY2/NpX8Bd1WUY89fQoJvgr/WiuBiZXiKOp7 PVdRPEeTdhm9YW+eAuTE+F5jyn/z/BXx3JngFZGWEFSKJu7SOFzmrGwQL NaqUbW9JstaOMXX0sbDPReAA2Qsjlc06CjcVjLuWTPUGZl41n3yo7qQ1v o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EADsNF06rRDoG/2dsb2JhbABTp0V3iHukZ4MVDwGaXIY4BJJMhH2LSQ
X-IronPort-AV: E=Sophos;i="4.65,499,1304294400"; d="scan'208";a="1050553"
Received: from mtv-core-1.cisco.com ([171.68.58.6]) by rcdn-iport-5.cisco.com with ESMTP; 08 Jul 2011 14:05:00 +0000
Received: from [192.168.1.51] (ams-raszuk-2-87113.cisco.com [10.55.99.78]) by mtv-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id p68E4wWb019575; Fri, 8 Jul 2011 14:04:59 GMT
Message-ID: <4E170E82.60406@cisco.com>
Date: Fri, 08 Jul 2011 16:04:50 +0200
From: Robert Raszuk <raszuk@cisco.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: Randy Bush <randy@psg.com>, Chris Hall <chris.hall@highwayman.com>
References: <012601cc3d54$8f07c4e0$ad174ea0$@highwayman.com> <m2y609kptw.wl%randy@psg.com> <014001cc3d74$319571c0$94c05540$@highwayman.com> <m2pqlklw3v.wl%randy@psg.com>
In-Reply-To: <m2pqlklw3v.wl%randy@psg.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: 'sidr wg list' <sidr@ietf.org>
Subject: Re: [sidr] draft-sriram-bgpsec-design-choices-00 -- IXP and Route Server
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: raszuk@cisco.com
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2011 14:05:02 -0000
> so, A has to know all the ASs to which RS will hand route, forward sign > announcements to each of them and hand all those to RS, and RS then > stores them all and forwards as appropriate. that'll scale really well. IX are used for optimizing local traffic patterns. Only very few applications of IX are about Internet peering broker service (but let's keep those out for the time being). So if we assume that A wants to give some of his addresses to B & C via RS why do they need to bother with bgpsec at all ? When A advertises it's nets to it's Internet providers yes it will forward sign it properly so they will be announced everywhere according to BGPsec rules. Imagine an IX without RS ... A wants to peer with B and both establish a peering relation I really see no need why they should get any of additional security on top of their direct route exchange as B will not be a transit for A anyway. Rgs, R.
- [sidr] draft-sriram-bgpsec-design-choices-00 -- I… Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Robert Raszuk
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Sandra Murphy
- [sidr] IXP and Route Server and Next Hop transpar… Robert Raszuk
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Sriram, Kotikalapudi
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Sriram, Kotikalapudi
- Re: [sidr] IXP and Route Server and Next Hop tran… Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Roque Gagliano
- Re: [sidr] IXP and Route Server and Next Hop tran… Sandra Murphy
- Re: [sidr] IXP and Route Server and Next Hop tran… Robert Raszuk
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall