Re: [sidr] draft-sriram-bgpsec-design-choices-00 -- IXP and Route Server
"Chris Hall" <chris.hall@highwayman.com> Sun, 10 July 2011 16:05 UTC
Return-Path: <chris.hall@highwayman.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F019721F8745 for <sidr@ietfa.amsl.com>; Sun, 10 Jul 2011 09:05:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w5Vj3NnMGRRf for <sidr@ietfa.amsl.com>; Sun, 10 Jul 2011 09:05:45 -0700 (PDT)
Received: from anchor-post-3.mail.demon.net (anchor-post-3.mail.demon.net [195.173.77.134]) by ietfa.amsl.com (Postfix) with ESMTP id 4F42E21F873D for <sidr@ietf.org>; Sun, 10 Jul 2011 09:05:44 -0700 (PDT)
Received: from [80.177.246.162] (helo=hestia.halldom.com) by anchor-post-3.mail.demon.net with esmtp (Exim 4.69) id 1QfwVr-0001nI-p1; Sun, 10 Jul 2011 16:05:43 +0000
Received: from hyperion.halldom.com ([80.177.246.170] helo=HYPERION) by hestia.halldom.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.76) (envelope-from <chris.hall@highwayman.com>) id 1QfwVq-0008Gi-NL; Sun, 10 Jul 2011 17:05:42 +0100
From: Chris Hall <chris.hall@highwayman.com>
To: 'sidr wg list' <sidr@ietf.org>
References: <012601cc3d54$8f07c4e0$ad174ea0$@highwayman.com> <m2y609kptw.wl%randy@psg.com> <014001cc3d74$319571c0$94c05540$@highwayman.com> <m2pqlklw3v.wl%randy@psg.com> <014a01cc3d7f$6312f730$2938e590$@highwayman.com> <m2oc14ljh7.wl%randy@psg.com> <017d01cc3da0$9f8cd390$dea67ab0$@highwayman.com> <Pine.WNT.4.64.1107081506110.1536@SMURPHY-LT.columbia.ads.sparta.com>
In-Reply-To: <Pine.WNT.4.64.1107081506110.1536@SMURPHY-LT.columbia.ads.sparta.com>
Date: Sun, 10 Jul 2011 17:05:37 +0100
Organization: Highwayman
Message-ID: <01ec01cc3f1b$383c8920$a8b59b60$@highwayman.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQLnVxnGjNWVOyUsj5rn4Yr0eH1c1gL48hq9AYUdEa8CIAtBeALePpAvAmnYtsEBdZrX2AJHVOEeki+ILYA=
Content-Language: en-gb
Cc: 'Sandra Murphy' <Sandra.Murphy@sparta.com>
Subject: Re: [sidr] draft-sriram-bgpsec-design-choices-00 -- IXP and Route Server
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Jul 2011 16:05:46 -0000
Sandra Murphy wrote (on Fri 08-Jul-2011 at 20:30): ... > Section 6.6 rightly notes that if an AS decided to share its > private key with another AS, no one outside the agreement > could tell the difference. As it stands, this is how a transparent route server could be implemented. I don't see a requirement to support transparent route servers in draft-ietf-sidr-bgpsec-reqs :-( Mind you, placing the RS ASN in the path might be said to violate: 3.15 A BGPsec design MUST NOT require operators to reveal more than is currently revealed... Though there's no shame in using an RS... except, perhaps, that your larger ASes will tend not to, and may turn their noses up at those that do. Using an RS, IXP customers can peer with each other for the cost of one BGP Session (or one with each local RS instance). At some IXPs there are several hundred RS clients. The cost doesn't go away, but falls on the RS, which scales as (N * N * R) -- number of clients 'N' and average number of routes each 'R' -- that is: it scales horribly. It would make life easier for the RS if the clients' routers were able to do more of the work -- noting that it is vital that this does NOT require any additional administrative effort beyond the initial configuration, and that new RS clients are automatically connected to all others (by default, at least). But any change at the client end requires some change to BGP and/or to administrative features of BGP implementations... so good luck with that, as they say :-( One such approach would use something like draft-walton-bgp-add-paths (currently expired), so that the RS no longer has to make any best path selection, but can pass all routes it has for each prefix, and let the clients decide. (This also solves the problem of how to allow clients to tune the selection process in the RS.) For BGPSEC it might be nice to push the signing out to the client: suppose BGPSEC were extended, so that each route given to the RS contained a list of AS Path signatures, one for each possible destination. This would also require a means for the RS to signal all possible destination ASes, so that there is no need for administrators to fiddle with their configurations. This solves the private key issue and has the happy property of moving work to the client -- except that they may not be quite ready to generate and send several hundred path signatures per route ! More exotic would be to arrange for the RS to talk to a box in each client which would provide the required signatures (inside the minimum advertisement interval). If that were a function of the local RPKI Cache, then setting up a BGPSEC connection to the RS would be a little more complicated, but once done would require no further work. (The request for a new signature could pass the current signatures, AS Path and NLRI etc, so that the signing box can verify that the RS is not asking for something it shouldn't.) Chris
- [sidr] draft-sriram-bgpsec-design-choices-00 -- I… Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Robert Raszuk
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Sandra Murphy
- [sidr] IXP and Route Server and Next Hop transpar… Robert Raszuk
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Sriram, Kotikalapudi
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Sriram, Kotikalapudi
- Re: [sidr] IXP and Route Server and Next Hop tran… Randy Bush
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Roque Gagliano
- Re: [sidr] IXP and Route Server and Next Hop tran… Sandra Murphy
- Re: [sidr] IXP and Route Server and Next Hop tran… Robert Raszuk
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall
- Re: [sidr] draft-sriram-bgpsec-design-choices-00 … Chris Hall