IETF Logo Mail Archive

Re: [Sidrops] [GROW] IXP Route Server question

Nick Hilliard <nick@foobar.org> Sat, 12 March 2022 21:59 UTC

Return-Path: <nick@foobar.org>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA0703A1051; Sat, 12 Mar 2022 13:59:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id voeaVzGcz04h; Sat, 12 Mar 2022 13:59:37 -0800 (PST)
Received: from mail.netability.ie (mail.netability.ie [46.182.8.5]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2E8E3A1047; Sat, 12 Mar 2022 13:59:33 -0800 (PST)
Received: from crumpet.local (admin.ibn.ie [46.182.8.8]) by mail.netability.ie (Postfix) with ESMTPSA id 9FE4D9CC3B; Sat, 12 Mar 2022 21:59:29 +0000 (GMT)
To: Ben Maddison <benm@workonline.africa>
Cc: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>, "grow@ietf.org" <grow@ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
References: <SA1PR09MB8142093BE50A27A7EED132D884099@SA1PR09MB8142.namprd09.prod.outlook.com> <0db7749f-66fd-5def-a8bb-3ee316cf2ca1@foobar.org> <SA1PR09MB81421BCBA7FB59615A7638A5840B9@SA1PR09MB8142.namprd09.prod.outlook.com> <fa0b5b32-6541-f493-e02b-fe75d44dacd5@foobar.org> <20220311072307.gymne3ofnfsrinkc@benm-laptop>
From: Nick Hilliard <nick@foobar.org>
Message-ID: <517ea9bd-4ee1-44cb-3373-eb0552191b2b@foobar.org>
Date: Sat, 12 Mar 2022 21:59:28 +0000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:52.0) Gecko/20100101 PostboxApp/7.0.54
MIME-Version: 1.0
In-Reply-To: <20220311072307.gymne3ofnfsrinkc@benm-laptop>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/I2a05YrOEYrRRdEg1ZHOOln6BCw>
Subject: Re: [Sidrops] [GROW] IXP Route Server question
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Mar 2022 21:59:42 -0000

Ben Maddison wrote on 11/03/2022 07:23:
> Essential, I would think: how could a far end relying party know that an
> AS in the middle of a received AS_PATH is a non-transparent IXP RS in
> order to apply any other treatment?

given that they're a shrinking rarity, would it not make sense to 
completely exclude non-transparent RSs from the ASPA definition? In the 
short term this would cause problems for ASNs which connect to 
non-transparent RSs, but there are hardly any left, and only one 
sizeable one.

I wonder whether it's a good idea to design a long term security 
mechanism which includes a specific carve-out for a legacy corner case 
like this.

Nick

v2.8.7 | Report a Bug | By Email