Re: [sidr] [Idr] No BGPSEC intradomain ?

Robert Raszuk <robert@raszuk.net> Tue, 10 April 2012 17:57 UTC

To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: "idr@ietf.org List" <idr@ietf.org>, sidr@ietf.org

>> All BGP monitoring tools need to be upgraded to now understand BGPSEC
>> attribute too. And surprise .. here BMP will not convert it like it will to
>> "legacy" speakers.
>
> sure, they'd have to do that anyway, or they just are
> 'non-bgpsec-speakers' (an e|ibgp neighbour without security foo). In
> other words, tomorrow for them is the same as today, the world keeps
> on going round.

No. You are breaking things. BMP is not ibgp, nor is it ebgp! The
station which works today and gets BGP sessions over BMP will now be
useless as AS_PATH will not be there.

I assumed you know, but the BMP idea is to replay what you are receiving (as
verbatim as the implementation allows).

> maybe? so far you've not convinced me... you can feel free to keep
> trying though? email is cheap.

I am not sure there is a point in "convincing". Removing a mandatory path
attribute from BGP would be something the IDR WG has to formally approve.
And it will be an interesting precedent in any case ;)

Cheers,
R.