Re: [Sidrops] New Version Notification for draft-sriram-sidrops-drop-invalid-policy-00.txt
Job Snijders <job@ntt.net> Tue, 13 March 2018 16:05 UTC
Return-Path: <job@instituut.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3C19124217 for <sidrops@ietfa.amsl.com>; Tue, 13 Mar 2018 09:05:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.65
X-Spam-Level:
X-Spam-Status: No, score=-1.65 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GXZN6OPQHQqx for <sidrops@ietfa.amsl.com>; Tue, 13 Mar 2018 09:05:23 -0700 (PDT)
Received: from mail-wr0-f179.google.com (mail-wr0-f179.google.com [209.85.128.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D48531201FA for <sidrops@ietf.org>; Tue, 13 Mar 2018 09:05:22 -0700 (PDT)
Received: by mail-wr0-f179.google.com with SMTP id r8so400281wrg.0 for <sidrops@ietf.org>; Tue, 13 Mar 2018 09:05:22 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=bQNC0ndqE/z1AxDM/Mc9R0zTEaf2ZR2+cynljipbiRE=; b=qU22HikXpRdZ1mfdNg4vGlBN3Vw6m3PnoMlUxF2PATZJCcIe/DGY/JuYFE1dty7HoK 5YA7amtov64UGWxy/MKBArx5IDTwQ6HJLVpUi9t8jQvpM5U21rBqJzBmRAGhhPCgJ1R/ kV289O+8dXsNdG4KnpoEDjFQtCg8kSAAPz0lE2vTS7chqjwJVS27PwsiIUMIpDavtBHk 5deEtV7EJlz9qkjQFklgsimc2X3QQipVV2YjGpcFjKL/fvHfddddGggx06aUf4YGVwbr OWJUXc4EwNQFDXzROaa6wiQaqyB6toY6OHUTgYHwm85ja6pocTCI9ma4WCUdPh6b3fwv Tapg==
X-Gm-Message-State: AElRT7Et3QfbZkXWzXX16q7d2ybs4ETbO0m1G/+XcPrth+xqc1XzkBfy zdeAVdQr8ESHxv/aM6UdvPCqH+rezUtMVw==
X-Google-Smtp-Source: AG47ELugaYQ0kMP9YLtnss0iGJRj5D9qHnbTiqz2n0i8H9SSqZ4TT+vHHIPNoeHwaFhUWk7so0bLqA==
X-Received: by 10.80.204.133 with SMTP id q5mr1444658edi.112.1520957120783; Tue, 13 Mar 2018 09:05:20 -0700 (PDT)
Received: from vurt.meerval.net (vurt.meerval.net. [192.147.168.22]) by smtp.gmail.com with ESMTPSA id p7sm451805edc.20.2018.03.13.09.05.18 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 13 Mar 2018 09:05:19 -0700 (PDT)
Received: from localhost (vurt.meerval.net [local]) by vurt.meerval.net (OpenSMTPD) with ESMTPA id 38823372; Tue, 13 Mar 2018 16:05:18 +0000 (UTC)
Date: Tue, 13 Mar 2018 16:05:17 +0000
From: Job Snijders <job@ntt.net>
To: Jay Borkenhagen <jayb@braeburn.org>
Cc: "sidrops-chairs@ietf.org" <sidrops-chairs@ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
Message-ID: <20180313160517.GM87414@vurt.meerval.net>
References: <152029076512.12908.14537578849320525718.idtracker@ietfa.amsl.com> <BYAPR09MB2773819AB3961189CDA9B4D784D90@BYAPR09MB2773.namprd09.prod.outlook.com> <23202.46675.595670.703736@oz.mt.att.com> <CACWOCC-wiEW39T0TqHon-7UtU5Xio-EtknK9zfqOkrYCpZp7pw@mail.gmail.com> <23207.60764.835909.816447@oz.mt.att.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <23207.60764.835909.816447@oz.mt.att.com>
X-Clacks-Overhead: GNU Terry Pratchett
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/_QaNkIjXXGlJUmB0aXLaJ1CVdZA>
Subject: Re: [Sidrops] New Version Notification for draft-sriram-sidrops-drop-invalid-policy-00.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Mar 2018 16:05:24 -0000
Hi Jay, On Tue, Mar 13, 2018 at 11:25:16AM -0400, Jay Borkenhagen wrote: > My reasons for preferring that my vendors do not implement DISR are: > > - implementing DISR would require changes to some very key parts of > router code. You might be right that there is a straightforward way > to do it -- but it's still a change to some critical code, and any > bugs introduced there could affect even those not using DISR. Eh.... yes... so don't write bugs? Your reasoning applies to any change, in any aspect of a codebase. While your fear may be justified, this type of argument is hard to take into consideration from an IETF perspective. > - the long-term goal should still be dropping all invalids, including > those that DISR would permit. So at best DISR should be only a > short-term policy. Yes. > I don't think DISR is the right policy for anyone to use, for the > reasons I cited: (a) it's better to attempt to educate those > publishing what appear to be bad ROAs rather than making any > assumptions about them, and (b) the invalid-only route could be > announced by address squatters -- why assist the squatters? > > I know of no significant ISP networks that are dropping invalids > today. (I am not discussing IXPs here.) I also know of no one saying > they would be dropping some invalids today if only DISR were > available. I'm certainly struggling to find some kind of pathway towards dropping invalids, and would seriously consider deploying DISR-style filters if they were available to me. > Before we get hung up on how DISR would be implemented in router code, > let's discuss whether it's a policy ISPs should actually deploy. For > the reasons I have explained, I say it's not. Yes - this is the big question. We agree on the observation that nobody is dropping invalids, so we have to ask ourselves: what is the resaon for this? Is there a way to overcome whatever obstacles ISPs see? A problem I see at this point in time is that if there are three networks: A, B & C - and A does origin validation but B does not, then B will be rewarded for mistakes that happen in the administrative domain of C. This makes origin validation a really tough sell. I appreciate that DISR attempts to mitigate some of these concerns - but obviously DISR (in its _current_ form) introduces some problems as well, namely opening up the option to more easily squat on unannounced space. One could consider it a trade-off: does attempting to level the playing field between network A & network B from an incentive perspective, justify a weakening of protection of (perhaps purposefully) unannounced space? > Out of curiousity, are you attempting to educate those announcing > invalids today? Yes. kind regards, Job
- Re: [Sidrops] New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Tim Bruijnzeels
- Re: [Sidrops] New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] New Version Notification for draft-… Montgomery, Douglas (Fed)
- Re: [Sidrops] New Version Notification for draft-… Tim Bruijnzeels
- Re: [Sidrops] New Version Notification for draft-… Montgomery, Douglas (Fed)
- Re: [Sidrops] New Version Notification for draft-… Stephen Kent
- Re: [Sidrops] New Version Notification for draft-… Jay Borkenhagen
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Montgomery, Douglas (Fed)
- Re: [Sidrops] New Version Notification for draft-… Randy Bush
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Randy Bush
- Re: [Sidrops] New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Geoff Huston
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Geoff Huston
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Tim Bruijnzeels
- Re: [Sidrops] New Version Notification for draft-… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] New Version Notification for draft-… Jay Borkenhagen
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Borchert, Oliver (Fed)
- Re: [Sidrops] New Version Notification for draft-… Stephen Kent
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Montgomery, Douglas (Fed)
- Re: [Sidrops] New Version Notification for draft-… Randy Bush
- Re: [Sidrops] New Version Notification for draft-… Stephen Kent
- Re: [Sidrops] New Version Notification for draft-… Borchert, Oliver (Fed)
- Re: [Sidrops] New Version Notification for draft-… Jeffrey Haas
- Re: [Sidrops] New Version Notification for draft-… Job Snijders
- Re: [Sidrops] New Version Notification for draft-… Jeffrey Haas