Re: [Sidrops] Comments on draft-ietf-sidrops-validating-bgp-speaker
Job Snijders <job@ntt.net> Thu, 15 February 2018 13:44 UTC
Return-Path: <job@instituut.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE6C712DA08 for <sidrops@ietfa.amsl.com>; Thu, 15 Feb 2018 05:44:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LZwXCjo5oyO5 for <sidrops@ietfa.amsl.com>; Thu, 15 Feb 2018 05:44:23 -0800 (PST)
Received: from mail-wm0-f47.google.com (mail-wm0-f47.google.com [74.125.82.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1315712420B for <sidrops@ietf.org>; Thu, 15 Feb 2018 05:44:22 -0800 (PST)
Received: by mail-wm0-f47.google.com with SMTP id j199so925938wmj.2 for <sidrops@ietf.org>; Thu, 15 Feb 2018 05:44:22 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=96ctgLYQ17bkoA7C1NjQPf8veEDijN0hf6UPoPLBO6I=; b=acN+hKsAYKnEbZDja7zg3Zk3zrklmKdWKU0OaZ58/tbkXGNLJJwdFFxcrPZ4E17fVR euwhMCRfPxiWMd0S70s7mZRctQKliIu03jRr5o6CpSOEJFkxLJx3gYqT1OSBLZRwLbSf HZTjFwT3CHe3kU2R5uzFPDh25ybmQ0JIuygFY5yrBTcaznP+dtda8yyjnGWBfeYvm2yA F0MvYJ96fJQ4VfNB/QFtSV983Gb+nCLLOsHQ5hFaKf8dMo4xtOc97y+2ucyTo9IG6ZG9 liOzRQjmMyj+ztF8/LhXf7XmcevFc55uZcHk2dC2YNf/rphujPDlOm0ADZvIgdr8BZaD YdDw==
X-Gm-Message-State: APf1xPB9e9S31fCZ0C1nim1tUHaIchCOsAB43glYyyhTl1XrhRviOjVF sT7b0srqBrqjujn6DTb3q7rpLQ==
X-Google-Smtp-Source: AH8x2242yL/z5v7/g469XuPJvofumx/DN5/uZnR6jxhJOLhJ2sIaqsqqs0NxprczwQTFKzM44TSWCg==
X-Received: by 10.80.151.106 with SMTP id d39mr3428547edb.79.1518702261235; Thu, 15 Feb 2018 05:44:21 -0800 (PST)
Received: from localhost ([2001:67c:208c:10:2cf2:185e:db44:f1cb]) by smtp.gmail.com with ESMTPSA id l5sm518255eda.82.2018.02.15.05.44.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Feb 2018 05:44:20 -0800 (PST)
Date: Thu, 15 Feb 2018 14:44:18 +0100
From: Job Snijders <job@ntt.net>
To: Aris Lambrianidis <aris.lambrianidis@ams-ix.net>
Cc: Jeff Wheeler <jsw@inconcepts.biz>, sidrops@ietf.org
Message-ID: <20180215134418.GC1193@hanna.meerval.net>
References: <CAPWAtbJJ3mWXP-d314CbY7n9LSh4KmNjXBCP93Ag_i=0gcAd8Q@mail.gmail.com> <5A84B6B8.50207@ams-ix.net> <20180215133931.GB1193@hanna.meerval.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20180215133931.GB1193@hanna.meerval.net>
X-Clacks-Overhead: GNU Terry Pratchett
User-Agent: Mutt/1.9.3 (2018-01-21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/XXd_-YHIrbEBF11T_cMNi_FlIG8>
Subject: Re: [Sidrops] Comments on draft-ietf-sidrops-validating-bgp-speaker
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Feb 2018 13:44:25 -0000
On Thu, Feb 15, 2018 at 02:39:31PM +0100, Job Snijders wrote:
> On Wed, Feb 14, 2018 at 11:22:48PM +0100, Aris Lambrianidis wrote:
> > Let me also point out that in theory, forwarding "invalid" prefixes is
> > bad. However, our own operational experience so far has shown that
> > most ROA invalid prefixes are due to misconfiguration rather than
> > malicious intent.
>
> A major consideration is that all IXP route servers only offer a
> _partial_ view on the global routing table, nobody ever single-homes
> behind an IXP route server. So, if the IXP route server does _not_
> propagate invalid prefixes to its participants, operationally speaking
> the 'worst' thing that can happen is that alternative paths are used via
> either bilateral peering or other arrangements. If anything, if people
> depend on keeping their traffic on the IX with the help of the RS, there
> is an actual monetary incentive to repair the misconfigured ROAs. If
> anything, IXPs should take a leading role in deploying RPKI Origin
> Validation - this draft proposes the opposite: a watering down that
> justifies propagation of bad announcements.
>
> By merely tagging the invalid prefixes with a community, the sender of
> those BGP announcements has significantly visiblity into problem, since
> the sender of such announcements won't see the 'invalid community'
> themselves.
Oops, some words were missing from the above paragraph:
By merely tagging the invalid prefixes with a community, the sender
of those BGP announcements has significantly less visiblity into the
problem, since the sender of such announcements won't see the
'invalid community' themselves.
> I think in context of IXP Route Servers it is very detrimental to the
> Internet community's overall effort to improve routing security if
> invalid malicious announcements are distributed alongside these
> 'misconfigurations', and the propagation of misconfigurations is deemed
> more important than blocking of incorrect announcements.
>
> Given the prevalence of routing incidents and the critical effects they
> have on business continuity, I'm concerned that time is wasted on
> actively lowering the bar ('rpki-light' aka 'draft-ietf-sidrops-validating-bgp-speaker')
> rather than spending time on setting higher standards.
>
> ESPECIALLY given the position of route servers in the routing ecosystem.
> If we consider a misconfigured RPKI ROA an 'error', favoring strict
> error handling (dropping) over attempting error recovery is an effective
> technique for ensuring that faults receive attention.
>
> Kind regards,
>
> Job
- [Sidrops] Comments on draft-ietf-sidrops-validati… Jeff Wheeler
- Re: [Sidrops] Comments on draft-ietf-sidrops-vali… Aris Lambrianidis
- Re: [Sidrops] Comments on draft-ietf-sidrops-vali… Job Snijders
- Re: [Sidrops] Comments on draft-ietf-sidrops-vali… Job Snijders
- Re: [Sidrops] Comments on draft-ietf-sidrops-vali… Jeff Wheeler
- Re: [Sidrops] Comments on draft-ietf-sidrops-vali… Nick Hilliard