[sidr] Follow-up on June 6 Interim : Confederations
Matt Lepinski <mlepinski@bbn.com> Fri, 15 June 2012 19:08 UTC
Return-Path: <mlepinski@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22FFD11E80C7 for <sidr@ietfa.amsl.com>; Fri, 15 Jun 2012 12:08:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ts8BKNC3Ssbb for <sidr@ietfa.amsl.com>; Fri, 15 Jun 2012 12:08:46 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 59C9311E8088 for <sidr@ietf.org>; Fri, 15 Jun 2012 12:08:41 -0700 (PDT)
Received: from mail.bbn.com ([128.33.0.48]:33449) by smtp.bbn.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from <mlepinski@bbn.com>) id 1SfbsI-000DPN-NI for sidr@ietf.org; Fri, 15 Jun 2012 15:08:02 -0400
Received: from [128.89.253.157] by mail.bbn.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from <mlepinski@bbn.com>) id 1Sfbst-0004MN-Dz for sidr@ietf.org; Fri, 15 Jun 2012 15:08:39 -0400
Message-ID: <4FDB8840.2030903@bbn.com>
Date: Fri, 15 Jun 2012 15:08:48 -0400
From: Matt Lepinski <mlepinski@bbn.com>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: sidr@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [sidr] Follow-up on June 6 Interim : Confederations
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jun 2012 19:08:47 -0000
We had significant discussion at the June 6 Interim on the topic of
supporting confederation in BGPSEC without an AS-Path attribute.
My understanding was that at the interim there was some consensus for
the following confederation solution (but this consensus has not yet
been discussed/confirmed this consensus on the list):
1) We specify the first bit in the (signed) Flags field of the
Secure_Path as a marker for entering a confederation.
(Note: the Flags field is specified in -03 version of the
bgpsec-protocol draft but all 8 Flag bits are reserved for future use in
-03)
2) When a signed (BGPSEC) update message enters a confederation, the
first member of the confederation who gets the update sets the first bit
of the Flags field to 1.
(That is, the first confederation member when adding its own AS
number to the Secure_Path also includes a Flags octet with the first bit
set to 1.)
3) When a signed (BGPSEC) update message is about to be sent to a peer
outside the confederation, the BGPSEC speaker traces backward through
the Secure_Path to find the most recently added Secure_Path segment
containing a Flags field whose first bit is set to 1. The BGPSEC speaker
then deletes all of the Secure_Path segments up to and including the
segment with the Flags bit set to 1. Finally, this BGPSEC speaker then
adds his a Secure_Path segment containing the Public AS of the
confederation.
(Note that this means that any BGPSEC speaker in a confederation who
has a peer external to the confederation must have a signing key
associated with an RPKI router certificate containing the public AS of
the confederation.)
The advantage of this above approach to confederations is that it does
NOT require that a BGPSEC speaker in a confederation be explicitly
configured with the AS numbers of every AS belonging to the
confederation. Also, this approach does not make any assumptions about
the loop detection algorithms employed by any BGP speaker on the path.
If it would be helpful, I could push a quick -04 revision to the
protocol specification next week that fleshes out what this change would
look like when incorporated into the BGPSEC protocol draft. (Though not
included in this message, the protocol draft will also need to include
explicit instructions for re-constructing the AS_confed_segments of the
AS_Path attribute in the case where within a confederation the update
message is sent to a peer that does not support BGPSEC.)
Final note: At the interim, we discussed both confederations as well as
AS number migration (and other circumstances in which a single router
needs to use different AS numbers on different BGP sessions to different
peers). I outlined above the protocol change that I believe is needed to
accommodate confederations, and I believe that no changes new protocol
mechanisms are needed to accommodate routers that use different AS
numbers on different BGP sessions. No one at the interim raised any
other issues arising from the removal of AS_Path. (That is, if you
weren't able to make it to the interim and you have a new issue that
arises from the removal of AS_Path from BGPSEC update messages, please
send mail to the SIDR list.)
- Matt Lepinski
- [sidr] Follow-up on June 6 Interim : Confederatio… Matt Lepinski
- Re: [sidr] Follow-up on June 6 Interim : Confeder… Sriram, Kotikalapudi
- Re: [sidr] Follow-up on June 6 Interim : Confeder… Matt Lepinski
- Re: [sidr] Follow-up on June 6 Interim : Confeder… Randy Bush
- Re: [sidr] Follow-up on June 6 Interim : Confeder… Sriram, Kotikalapudi
- Re: [sidr] Follow-up on June 6 Interim : Confeder… Randy Bush