Re: [sidr] [Idr] AS_SET depreciation (RFC6472) and BGP multipath

Jeffrey Haas <jhaas@pfrc.org> Thu, 29 March 2012 08:21 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76B2921F8A03; Thu, 29 Mar 2012 01:21:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.169
X-Spam-Level:
X-Spam-Status: No, score=-102.169 tagged_above=-999 required=5 tests=[AWL=0.096, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UzmKC4-dPbEW; Thu, 29 Mar 2012 01:21:04 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id E06ED21F8A07; Thu, 29 Mar 2012 01:21:03 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id AC599170429; Thu, 29 Mar 2012 04:21:03 -0400 (EDT)
Date: Thu, 29 Mar 2012 04:21:03 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: "Murphy, Sandra" <Sandra.Murphy@sparta.com>
Message-ID: <20120329082103.GC9609@slice>
References: <alpine.LFD.2.02.1203281401410.2692@jamaica.dcs.gla.ac.uk> <7309FCBCAE981B43ABBE69B31C8D21391B3EBFD895@EUSAACMS0701.eamcs.ericsson.se> <FBFDBAE5-9BF8-4708-9240-B775CAF46D56@raszuk.net> <7309FCBCAE981B43ABBE69B31C8D21391B3EBFD924@EUSAACMS0701.eamcs.ericsson.se> <alpine.LFD.2.02.1203281618090.2692@jamaica.dcs.gla.ac.uk> <CAL9jLaYqMwXVNKsHuBf_r8h==CGoee+D9k89Q4AZqT49jOQK1A@mail.gmail.com> <4F733C79.8080600@raszuk.net> <CAL9jLabVcWMtpu8usUS5w_BVPCG8ihvDcVjWbhnj_u6H-cdZkw@mail.gmail.com> <4F733FBE.1020902@raszuk.net> <24B20D14B2CD29478C8D5D6E9CBB29F60F6CB73F@Hermes.columbia.ads.sparta.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F60F6CB73F@Hermes.columbia.ads.sparta.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
Cc: "idr@ietf.org List" <idr@ietf.org>, Paul Jakma <paul@jakma.org>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] [Idr] AS_SET depreciation (RFC6472) and BGP multipath
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Mar 2012 08:21:04 -0000

Sandy,

On Wed, Mar 28, 2012 at 05:00:43PM +0000, Murphy, Sandra wrote:
> Replacing ASs in the AS_PATH sounds like a behavior you would want the security protections to prohibit.  It would enable attacks.
> 
> Can you explain how you would distinguish legitimate uses of this feature?

The feature is typically used on private AS numbers.

One could point out that any procedures dealing with them are probably out
of scope of SIDR. :-)

-- Jeff