Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-ops-07.txt
Randy Bush <randy@psg.com> Tue, 15 December 2015 08:58 UTC
Return-Path: <randy@psg.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1B071A00FD for <sidr@ietfa.amsl.com>; Tue, 15 Dec 2015 00:58:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GCD10B60aCjv for <sidr@ietfa.amsl.com>; Tue, 15 Dec 2015 00:58:49 -0800 (PST)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE1B11A00C3 for <sidr@ietf.org>; Tue, 15 Dec 2015 00:58:49 -0800 (PST)
Received: from localhost ([127.0.0.1] helo=ryuu.psg.com) by ran.psg.com with esmtp (Exim 4.82) (envelope-from <randy@psg.com>) id 1a8lRY-0006tZ-9z for sidr@ietf.org; Tue, 15 Dec 2015 08:58:48 +0000
Date: Tue, 15 Dec 2015 17:58:46 +0900
Message-ID: <m2mvtcm6k9.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: sidr wg list <sidr@ietf.org>
In-Reply-To: <20151215084814.19302.71570.idtracker@ietfa.amsl.com>
References: <20151215084814.19302.71570.idtracker@ietfa.amsl.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/l5H6rxXAEeAcBWyOyA0kBdkBBdU>
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-ops-07.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Dec 2015 08:58:51 -0000
thomas king and arnold nipper pointed out an omission which this fills A route server is usually 'transparent', most importantly not inserting its own AS into the AS_Path, to not lengthen the AS hop count and thereby reduce the likelihood of best path selection. See 2.2.2 of [I-D.ietf-idr-ix-bgp-route-server]. A BGPsec-aware route server needs to validate the incoming BGPSEC_Path, and to forward updates which can be validated by clients which know the route server's AS. The route server uses pCount of zero to not increase the effective AS hop count. randy
- [sidr] I-D Action: draft-ietf-sidr-bgpsec-ops-07.… internet-drafts
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-ops… Randy Bush