Re: [sidr] [Idr] No BGPSEC intradomain ?

Christopher Morrow <morrowc.lists@gmail.com> Tue, 10 April 2012 04:59 UTC

Return-Path: <christopher.morrow@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E707D21F875E; Mon, 9 Apr 2012 21:59:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Level:
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gXtvQmKir76b; Mon, 9 Apr 2012 21:59:11 -0700 (PDT)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 5499421F875B; Mon, 9 Apr 2012 21:59:11 -0700 (PDT)
Received: by obbtb4 with SMTP id tb4so7609817obb.31 for <multiple recipients>; Mon, 09 Apr 2012 21:59:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=KTgEja/96FzWQIz6Qo1OvhIb8X2TJIWJDcmvmAiyeUQ=; b=dWsO+3vAnfwyd6YIthp2xIou2MuOvQ39BMzacFNJFAVmUJQw9D1y4zZBVc2TQ8My6l xbEsIIOwtFEs1YrRMwov+i3GY0alMKbRm6y67vhgSzOjrW8EPK6k1R4TjGIlMYnysbNG WM0oDQGIxLPGNMjhJmmaY4882MEjHFeyStWRWzjgRE1kwciTixqOptvbiS8xIFyuLc03 dF6KQ5YTPog8W8aTgpM40MLkSc+V5Oo5AHv7dJDbpBs3IJgiv4CquRN/biZ+mXtWzXdD sVnMkq6ZQgLWryT2Dnr01jUErBirXulJekw3B+7iC1k4jMnPVZhAs9yTqZWQcQgPdVO4 JVig==
MIME-Version: 1.0
Received: by 10.182.159.41 with SMTP id wz9mr13759348obb.69.1334033950934; Mon, 09 Apr 2012 21:59:10 -0700 (PDT)
Sender: christopher.morrow@gmail.com
Received: by 10.182.153.34 with HTTP; Mon, 9 Apr 2012 21:59:10 -0700 (PDT)
In-Reply-To: <4F832F5E.9030903@raszuk.net>
References: <D7A0423E5E193F40BE6E94126930C4930B96182E71@MBCLUSTER.xchange.nist.gov> <4F828D6D.10907@raszuk.net> <D7A0423E5E193F40BE6E94126930C4930B96C507DA@MBCLUSTER.xchange.nist.gov> <4F830E75.70606@raszuk.net> <24B20D14B2CD29478C8D5D6E9CBB29F60F6F1533@Hermes.columbia.ads.sparta.com> <4F832F5E.9030903@raszuk.net>
Date: Tue, 10 Apr 2012 00:59:10 -0400
X-Google-Sender-Auth: uJVQJ9W_HRLVn57atFNG5YoK38c
Message-ID: <CAL9jLaa5J9iJ_EBGQDr3mOG4eHoNvu4t_NERFxoF-UCB4rgLTg@mail.gmail.com>
From: Christopher Morrow <morrowc.lists@gmail.com>
To: robert@raszuk.net
Content-Type: text/plain; charset=ISO-8859-1
Cc: "idr@ietf.org List" <idr@ietf.org>, "Murphy, Sandra" <Sandra.Murphy@sparta.com>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] [Idr] No BGPSEC intradomain ?
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Apr 2012 04:59:12 -0000

On Mon, Apr 9, 2012 at 2:50 PM, Robert Raszuk <robert@raszuk.net> wrote:
> Hi,
>
>> And intradomain BGP speakers do not use bgpsec (ebgp sessions only).
>
>
> I do not understand. How a BGP Update will transit via an AS where each
> router is a real BGP speaker and where as some proposed BGP mandatory
> AS_PATH attribute is not present ?

The last sentence, it doesn't parse quite clearly for me... could you
re-state it?

>
> Are you assuming each AS today is BGP Free with full mesh of MPLS/IP tunnel
> ASBR to ASBR as transport ? Even in this case ASBRs are connected directly
> or indirectly (RRs) via IBGP.

no assumption was made of this sort.

> As you proposing to remove AS_PATH selection criteria from best path for
> updates which come over IBGP ? What happens if you need to compare paths

no

> received over EBGP and IBGP on a given BGP speaker ?

I think what you want is actually sort of discussed in:
<http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-02#section-4>

-chris