IETF Logo Mail Archive

Re: [sidr] draft-sriram-idr-route-leak-detection-mitigation: difference between a peer and a customer

"Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov> Wed, 15 July 2015 13:04 UTC

Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06D931A8F35; Wed, 15 Jul 2015 06:04:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vVHewsS34m_4; Wed, 15 Jul 2015 06:04:00 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0732.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:732]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 991F71A8F33; Wed, 15 Jul 2015 06:04:00 -0700 (PDT)
Received: from SN1PR09MB0799.namprd09.prod.outlook.com (10.162.101.145) by SN1PR09MB0797.namprd09.prod.outlook.com (10.162.101.143) with Microsoft SMTP Server (TLS) id 15.1.213.14; Wed, 15 Jul 2015 13:03:39 +0000
Received: from SN1PR09MB0799.namprd09.prod.outlook.com ([10.162.101.145]) by SN1PR09MB0799.namprd09.prod.outlook.com ([10.162.101.145]) with mapi id 15.01.0213.000; Wed, 15 Jul 2015 13:03:39 +0000
From: "Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov>
To: Andrei Robachevsky <andrei.robachevsky@gmail.com>
Thread-Topic: draft-sriram-idr-route-leak-detection-mitigation: difference between a peer and a customer
Thread-Index: AQHQvhEfZNxwzI8V2ECO5TICdbuD2Z3cfN/4
Date: Wed, 15 Jul 2015 13:03:39 +0000
Message-ID: <SN1PR09MB0799CC8746BA0C27BEA5B5D4849A0@SN1PR09MB0799.namprd09.prod.outlook.com>
References: <005901d0b283$ea07bd20$be173760$@ndzh.com> <m2fv52b1w1.wl%randy@psg.com> <CY1PR09MB07939BA36BB01C19AD9AC2A384930@CY1PR09MB0793.namprd09.prod.outlook.com> <CAL9jLab5LOfeSYGzt=ywAwkoJdbe4moXD2w5LsGF-L_Cju_TUw@mail.gmail.com> <CY1PR09MB0793E39F703D436A3E21805B84900@CY1PR09MB0793.namprd09.prod.outlook.com>, <55A4CB9B.2050207@gmail.com>
In-Reply-To: <55A4CB9B.2050207@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;
x-originating-ip: [129.6.222.120]
x-microsoft-exchange-diagnostics: 1; SN1PR09MB0797; 5:EkXjRldeuVlA2N1ATiFWoxuUwYA/wE15+ebirxO9qv5A9o3XPUSiv+FmdbZ8q1Tpxr2rVaS9aA4IINnGlh+j6DHgw64WwRgF7futAmQLwfScewYg9+TwpMKsxiwPjOYYnANsNgF8g9n/aHQRsL0IWg==; 24:4caH0F+rzJyAeXbP37RlhgUP9KyBCHUuNk4AnO3bzTBWH/nxKRn9oFNr91d+B3sqHQ2Ni+rbBmGbTm5Bjw1pMGOMpVEzsEcMpByc+sbCyRI=; 20:GhyJ6z7Mun7fC444iMfLElnFsxbnoqk5P4fGDxotpqXSsikbukG9Nuw/TXYpwIHZpOT6RfrXjY0RwVRrtffcFw==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR09MB0797;
sn1pr09mb0797: X-MS-Exchange-Organization-RulesExecuted
x-microsoft-antispam-prvs: <SN1PR09MB07979E61C9AC2ACF3DB91EDD849A0@SN1PR09MB0797.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(5005006)(3002001); SRVR:SN1PR09MB0797; BCL:0; PCL:0; RULEID:; SRVR:SN1PR09MB0797;
x-forefront-prvs: 0638FD5066
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(189998001)(87936001)(33656002)(2656002)(93886004)(5003600100002)(5002640100001)(122556002)(62966003)(76176999)(5001960100002)(40100003)(50986999)(66066001)(86362001)(230783001)(46102003)(2900100001)(106116001)(110136002)(77096005)(92566002)(77156002)(54356999)(99286002)(76576001)(74316001)(561944003)(102836002)(2950100001); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1PR09MB0797; H:SN1PR09MB0799.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jul 2015 13:03:39.5657 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR09MB0797
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/tFa-1xWtHSC9E6qMZg59p4q7Utc>
Cc: idr wg list <idr@ietf.org>, "sidr wg list (sidr@ietf.org)" <sidr@ietf.org>
Subject: Re: [sidr] draft-sriram-idr-route-leak-detection-mitigation: difference between a peer and a customer
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jul 2015 13:04:03 -0000

Andrei,

Thank you for reading the draft and offering comments -- certainly very helpful
towards refining the proposal as well adding greater clarity in the document.

>It seems to me that sections 3.2.1. and 3.2.2. propose the same
>algorithm (modulo the BGP neighbor is a customer or a peer). 

Your observation is correct. It has to do with the semantics of RLP bits.
For now, we have RLP = 00 (default; nothing said) and RLP = 01 ('do not propagate up').
'Do not propagate up' certainly means that the update should not subsequently 
propagate from a customer to its provider.
However, a receiver can (at its own discretion) interpret RLP = 01 more strictly 
to mean 'do not propagate to provider or peer'. 
That is because if an ISP is not supposed to forward an update with RLP = 01 
'up' to a provider, then normally it should not forward it 'laterally' to a peer either.
So we have separated the receiver detection procedures for 
(a) when the update comes from a *customer* (section 3.2.1), and 
vs. (b) when it comes from a *peer* (section 3.2.2).
The difference is the stricter interpretation (in Section 3.2.2) of RLP = 01.
Initially the attempt is to see if we can keep the RLP semantics simple,
and still accomplish the detection objectives w.r.t. customer/peer. 
These two section can be merged into one if, for example, 
RLP = 01 is specified to denote 'do not propagate to provider or peer'.  

>The difference in the "possible actions" (3.3.) is not clear to me either.

When an update is detected and 'marked' as 'route leak' (based on section 3.2.1 or 3.2.2 detection),
then the same/similar method(s) of mitigation can be applied (in the two cases). 
The draft should not specify a mitigation method because that is left to operator policy.
So we describe only an *example* policy: Suspend the "prefer customer" policy;
i.e. instead of a 'marked' update from a customer, prefer an 'unmarked'
update from a provider or peer. Some similar policy can be applied for a peer. 
Let the operator decide the actual policy to be used in each case.

>Finally, what is the proposed action when an RLP-marked update is
>received from an upstream?

Good point. The draft currently does not discuss this. If the customer
is single-homed and does not have any alternate path for the prefix,
then it would install the route learned from its sole provider even if it is 'marked'.
If the customer is multi-homed, it should prefer an 'unmarked' update from 
one provider over a 'marked' update from another provider. Etc.
Again these actions/methods are left to operator policy.
However, in the next revision, we will include a subsection to outline this.  

Sriram

v2.23.0 | Report a Bug | By Email