Re: [Sidrops] [GROW] ASPA and Route Server (was RE: IXP Route Server question)
"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Wed, 23 March 2022 18:56 UTC
Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 7BF7F3A194C;
Wed, 23 Mar 2022 11:56:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.112
X-Spam-Level:
X-Spam-Status: No, score=-2.112 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
FROM_GOV_DKIM_AU=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01,
URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=nist.gov
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id STXCwbV9zbHd; Wed, 23 Mar 2022 11:56:46 -0700 (PDT)
Received: from GCC02-BL0-obe.outbound.protection.outlook.com
(mail-bl0gcc02on2071b.outbound.protection.outlook.com
[IPv6:2a01:111:f400:7d05::71b])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 7D9DF3A194B;
Wed, 23 Mar 2022 11:56:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=SU4i4KvtV8LdcG1WaHlExckDNvHy67MPKv8YJ/H6wHp13uJzct/LHv3DqHTPmSOlSTiFrSYns7xHo0yfy6eXKg7eu0ukOdUdHC3MLMgS3IjuewV6b0B81OQlsAXrqsPd64fFdj5S5mj3/TT3Msi0npaSk5T+fMBe2g8CW1gYzNBhC1r+Lw0mJ52JBBJlGMESMEya13AQySxtMyAdj6QSiMb/BGFGsJ9j3DXoyADcwBkG0o1Vl/g00tZcm62DLhRtroh9j3YYxZPLeSxr0JIljcQgsf2eFY7anqtYiONLkpSwQ1Z0Kd8LlbZxj2rA+Alp6RmDpJL/1reSjZnkbc5bkw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=+SPndSQwhfpGbmJktiAnOaqLKjHDxleJ8Oh9Ps3azOg=;
b=VTVY+zWw1Y/dpLphudOspTpDJrbXoGs7HEz56IsvbeBL6Pc6XvgPguSNVezMGCzwj7jRJs+HjSVIw31BDP0n2JWoE331jr/hf3L+F6og+89FcWJabG01X75tV7/xwDPYk7yzpXgDZeDn+U9AftCQY1Kg37LezLJre78qpFOzKlD18Vz6fmjtLlr8VMWut0I9iaocFQRb/1w0LAFVBVp2o55nN3iQw60GFFU29noY8XsnzzVmEnEk0DMLctN6ZQB8ZE9tlRJ20DBz6pWSwbiBFhF7VbwaQqXEWwYNO/WLENLjq52VrjJa5L7qEeFynyu9xsa2XX0min4Bk/s0WR4VDA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov;
dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=+SPndSQwhfpGbmJktiAnOaqLKjHDxleJ8Oh9Ps3azOg=;
b=GHjAeWM9UyNuxuAf4e8MSpJ64gS1/gm2FtYJ1jQBcoQu+rKDFRvXh0w1L82qYvGZHhTXg7RLXFXOp56WJcB+2CHqqDnjEhijniQ6fYBqjDH9RZkuFquuDioorfFZ4/ePK0cl5oc9nxQKbbeW04YDiRrlREdkdtZPE9/aMsmQhNg=
Received: from SA1PR09MB8142.namprd09.prod.outlook.com (2603:10b6:806:171::8)
by BY5PR09MB4964.namprd09.prod.outlook.com (2603:10b6:a03:247::16)
with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5081.19; Wed, 23 Mar
2022 18:56:41 +0000
Received: from SA1PR09MB8142.namprd09.prod.outlook.com
([fe80::c99c:1af3:8454:5d6a]) by SA1PR09MB8142.namprd09.prod.outlook.com
([fe80::c99c:1af3:8454:5d6a%6]) with mapi id 15.20.5102.017; Wed, 23 Mar 2022
18:56:41 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>, Zhuangshunwan
<zhuangshunwan@huawei.com>
CC: Jeffrey Haas <jhaas@pfrc.org>, "sidrops@ietf.org" <sidrops@ietf.org>,
"grow@ietf.org" <grow@ietf.org>, Nick Hilliard <nick@foobar.org>
Thread-Topic: [GROW] [Sidrops] ASPA and Route Server (was RE: IXP Route Server
question)
Thread-Index: AQHYPULXMMKnMnklKEmxZqImduurxazKE6GAgAA0FfCAAJnqAIAAHluAgAIZtbA=
Date: Wed, 23 Mar 2022 18:56:41 +0000
Message-ID: <SA1PR09MB81427A1A7E3E24244F030A7284189@SA1PR09MB8142.namprd09.prod.outlook.com>
References: <BY3PR09MB81315D53064951F865F2A23884109@BY3PR09MB8131.namprd09.prod.outlook.com>
<SA1PR09MB814268C7DB52D8758817217984159@SA1PR09MB8142.namprd09.prod.outlook.com>
<CABNhwV30Guy28qBR_eA==CUy2Xj24OfPwxV0n2gFF7wVrgBMpg@mail.gmail.com>
<BYAPR11MB3207DE083AD888F3C963E347C0169@BYAPR11MB3207.namprd11.prod.outlook.com>
<a07986fb2d7147c0abb36229237d8982@huawei.com>
<B1660213-CEB8-48C1-B44E-DC3D43510031@pfrc.org>
<BYAPR11MB32077BA1382FC96F88A26248C0169@BYAPR11MB3207.namprd11.prod.outlook.com>
<SA1PR09MB81422068759D8D1A4258F5FD84169@SA1PR09MB8142.namprd09.prod.outlook.com>
<473f0482508e4b2e86e76986c74828f9@huawei.com>
<384BFD6B-1477-469E-A255-B822F8B0CB05@cisco.com>
In-Reply-To: <384BFD6B-1477-469E-A255-B822F8B0CB05@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=nist.gov;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 20f8dedf-3c66-4ecb-65d6-08da0cfede10
x-ms-traffictypediagnostic: BY5PR09MB4964:EE_
x-microsoft-antispam-prvs: <BY5PR09MB49647ED36CEC724E437DF77B84189@BY5PR09MB4964.namprd09.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: MAFCMOqHmAU/XDC+bHRHNqyNjKbVyG5VIVI3tDmKnxA9e369eRoyy7F13CYapKNxpOSCpkxbzng3zNetXLV3igPLdowmkM7L+kaPJSkWyBo9DSY1O+DMBt5bx1QStu8LXBj3QQhTrlTJYfB5dsQWodMQvlIpiuL3TEHQReGo1pJFPpdqcdkehYBRKejAz7DIoRD41UeslvBoLuiF8PZbMzJMHKox5WGZhz9wi3w8wS3ngMigYqDvSAXZjY9/A1vGmRBHmuKHMk2HJhxMqAaKarHOlfimHE3H0hIn45+ukDBBMxkC0USgFlWlHuAalN+mj9hCVa6S9NBrtxNqz5oRVg2l/EjWu8IcxutB8f9rrclcrdAzCQDcq7+cuAYvTeyKz/DHO7V1ojV8nNO0ZMHyPfTL/ekqPva3He0XAuSPoaGfP0PdMIA0e7d7pw9/B35PNRfNCVD0MLxrDNSJxUDypBxV0MRqikgrhDqn3ecScC35n43W8RGVLBZ73KDT1gvB+t4H2/1sURjmHAgR4cq7mUgkZvTzMcfxUtJifpu3CvZep3P8yD+48ErlDudcHMEem5PJIIQbionAm6oiPIIXYedSWWCrKhQTU8bCaAM3AroKU+jTcS2ux5IQKcv3RQcewYZzkiNVDtWd6BxmeL7x7SCpyJ2QjoxvU+CO2tHT+KC3qIs/543Dc6zOSO1K1zjoFLOQYfLZS9sTw9TSDOMfrQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM;
H:SA1PR09MB8142.namprd09.prod.outlook.com; PTR:; CAT:NONE;
SFS:(13230001)(4636009)(366004)(52536014)(8936002)(4744005)(86362001)(186003)(2906002)(6506007)(5660300002)(7696005)(33656002)(9686003)(38100700002)(82960400001)(55016003)(122000001)(71200400001)(26005)(38070700005)(4326008)(110136005)(8676002)(54906003)(66946007)(66556008)(66476007)(76116006)(316002)(66446008)(64756008)(508600001);
DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?ZFZ4ZWpYaHRCUmt0Wk1iekxPZkRVRllNNnZUR29tUjZiZXp2bVdzQ0RaNVFB?=
=?utf-8?B?YWtlb1l4ZDZjMFpKVzl2VzJ4Z1RDVDduQWhaWk5GUTdYN3RBSXRkampJcjlJ?=
=?utf-8?B?RWoyeTFXWmg1bjhITmVuT0FhMTJIbXo4TThsYzBBMGtQUXNaWmZBNlpsOFVv?=
=?utf-8?B?S3ZiTUgvQnQ1VE9xdEI5S2tCNWZJbDBGcXhPOXVwOFZ5dWpuWmo4VitwdmpP?=
=?utf-8?B?TUpEK2pMQUVCb3NyOHlPZ3RKUFYyZy9CNllBL245b1Fqc0pQSEMxMTB5TDV0?=
=?utf-8?B?U0RhSTBLY2REais2RWUzWEU3eWlsMTZvYmpZOXVZVXpidVpzVGVqOUpodGU0?=
=?utf-8?B?SGdTU1ppckwybGdxMWtIZ2dCY2lrek50TDdPVzVtdkdQMEREV2paNFRHRHM5?=
=?utf-8?B?NGR1L2pMRmQ2d0NRTVZZcUdFOVZwV3plTWk2SGRTT0xoclZWT1NUbFhvTHlM?=
=?utf-8?B?SXR3Vm44d0trMmo5cEYxWXlPS2hEdFk5dllmNS9MeGVvZGE5ZkNJekZTakh2?=
=?utf-8?B?cDZWMWVmWVV2TkU1cXVwYkFUaGgyMEtsWXRzc3psd293elE4QzMrMWp3ZXBW?=
=?utf-8?B?OHgyUWcrQnQ3YUp6RWhGcDMwRmtIelIwYk11SktRRmdEZXZwVUJtcmhtaFNy?=
=?utf-8?B?N0NhMnh3QUVWTHVLRitoY2YvZVRZM3ZPS05aYTVzOUZFM0VQdTBaQ2MzL0tU?=
=?utf-8?B?Q3hUL0FGVi9vVjBpb0tvWlR5UWlCam1wSkR4VHg2SWExZ2Q4bkpGaWw2cTFG?=
=?utf-8?B?U3Y1ZFpUVkZTSDhOWlFJMHdzZUVaYXh0b0x6eWpudXoyTFI3MHB5Mnh6b2xJ?=
=?utf-8?B?K24vM0dhcUdsMWhJTHczTE5mV0tDV01adXdvbXhRQTRDTXgvamgvVjg1cnRj?=
=?utf-8?B?czdyT0pFUGxUSldxSE53Q2EwMklMN0dUbklOKzJCWm5zQUZCSEJIRGUvRzN0?=
=?utf-8?B?M3ZQUTd0b0UyYzFYNzdsOFNCcGJFSE1xbHJYenRQdWxva0c2ajdrN3B2QUR5?=
=?utf-8?B?eStSQU5JT0loQUdMM1JlSGNmMENHeTVRYllKWmZ2NkRBY1JlU2NJM25zN3dQ?=
=?utf-8?B?ZWx1NGxHblZuSitzcHZyeGo4RVdqaUVSTDdZVVdBTE44aEZRVGxuOWhZOFlQ?=
=?utf-8?B?RkRMT0pJbzc2c04yeWRrb1dqaVBIWlFrREVuRERQTnVnb096VStTRStwRnR4?=
=?utf-8?B?Q0xEQTl4TzgzR0U5cm9jY2crZkI4RWlBWlV2YjViS0FUZGZlUEJpYWhkV0lS?=
=?utf-8?B?a0FPc0JWVHRVUnB1S1IyY3BnLzVMMGtJbTBMZUNRWFAyZzZoTEVmQjRzN3hO?=
=?utf-8?B?SW5FZ0dOY3FpNE5tQm9oNHpMZXJCalF0WmdPTlNQK1lYUHpGeEZPWDFrQk1S?=
=?utf-8?B?RGRkT054cldpNlplWnowdi9MMmozcE02dHhRVXRNZTZsVEJWalZ1WVBoV0ow?=
=?utf-8?B?eHkwc2o3TVQ1WjE1Wko2aGY0WHk4b1BienNiZHR3UDI4dkFxMHZnUlhxQlRW?=
=?utf-8?B?dTBPdStBb283YXc3TytsZnBtM0k4bllVbUF6VmhZVnE1WktnS0xuS3Rrcitt?=
=?utf-8?B?RENaZm14VVlxVzAyT056Q0hUU1BLeFBGeHNIbmJpTW1taUNjOVZnTW1CbEVS?=
=?utf-8?B?MWNBSlE0dXVvaHFoNUhjZU85UHVHeTREV0VaWjA1WVRvNjMwWDNTRms0OCsw?=
=?utf-8?B?RzA5UUdqL3dlU3o5dGtKZEVNVnJ5YXFHYmJFV1VNVWkyUTY2Z2FJRTNyaGRp?=
=?utf-8?B?cW5BOUxRVW9sM2VJSkhEV0tnTVdyYlZKai9UUlliLzY0ZmRDVFNNZEx6Y2ZC?=
=?utf-8?B?V0R6YWdUTzJ5YzBhbE1mY1dMMjZOcS9CVTRyTDA0Y25SWlc2YXBzcnFoTk5k?=
=?utf-8?B?b00vR21NTzhxd29yaEF3TTNtTHJvWW9Cd3R6d0pjbXNmdndyWmEzOW1mOTd2?=
=?utf-8?Q?m+iCkpQVEVU=3D?=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR09MB8142.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 20f8dedf-3c66-4ecb-65d6-08da0cfede10
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Mar 2022 18:56:41.2252 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR09MB4964
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/9pw0T_6j97OhNabF6Pe0iWBRB90>
Subject: Re: [Sidrops] [GROW] ASPA and Route Server (was RE: IXP Route
Server question)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>,
<mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>,
<mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2022 18:56:52 -0000
Hi Jakob,
>> AS1 (RS Client) -----> AS2 (RS) -----> AS3 (RS Client) ---p2p (lateral peer) ---> AS4 (validating AS)
...
>The AS-path at AS4 is (4 3 1).
>If you assume that AS1 and AS3 are bilateral peers, then both sides of AS3 declare AS3 not to be its provider. AS3 >has both sides non-customer. That's a leak.
Right. It seems we agree. A set of APSAs needs to be in place. They can be enumerated as follows:
{AS1, AS2} – AS1 attests AS2 (RS) as a provider
{AS3, AS2} – AS3 attests AS2 (RS) as a provider
{AS2, AS 0} – RS (AS2) creates an ASPA with AS 0 (this is already specified in the draft)
The first two ASPAs *implicitly* declare that AS3 is not a provider of AS1 and vice versa. That implies that they are p2p. AS4 does not need to look at its own ASPA. It knows it is p2p with AS3.
Specifying that each RS-client creates ASPA showing the RS as a provider is a solution component that we (Nick, me, Shunwan, ...) seem to be converging to.
Just to be sure the focus is on transparent RS.
Sriram
- [Sidrops] ASPA and Route Server (was RE: [GROW] I… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] ASPA and Route Server (was RE: [GRO… Zhuangshunwan
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] ASPA and Route Server (was RE: [GRO… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Gyan Mishra
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Zhuangshunwan
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Gyan Mishra
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jeffrey Haas
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Zhuangshunwan
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Zhuangshunwan