Re: [Sidrops] Multiple origin validation states in draft-ietf-sidrops-validating-bgp-speaker
Job Snijders <job@instituut.net> Tue, 23 July 2019 20:18 UTC
Return-Path: <job@instituut.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03CCE120943 for <sidrops@ietfa.amsl.com>; Tue, 23 Jul 2019 13:18:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=instituut-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JXJCd6Gn9Y6J for <sidrops@ietfa.amsl.com>; Tue, 23 Jul 2019 13:18:28 -0700 (PDT)
Received: from mail-ot1-x343.google.com (mail-ot1-x343.google.com [IPv6:2607:f8b0:4864:20::343]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 677F012039B for <sidrops@ietf.org>; Tue, 23 Jul 2019 13:18:28 -0700 (PDT)
Received: by mail-ot1-x343.google.com with SMTP id 60so5861266otr.7 for <sidrops@ietf.org>; Tue, 23 Jul 2019 13:18:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=instituut-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=q2FH9ygTYP4bGmmAWbZOVsau0whOeuWdBdGudhH9PGU=; b=fYAqudv6O3BF4ol1jQkkD1H8Ab+VSp6aWhJyu83ZWt1DaPGiaNcZZmzzStciQiOcg4 Gd83XvNUA6CzbYMNZIvu1Ip4rF351aqhvSBYXskR5TblvPAt6NtYsKKXR5eAjSfY8NB9 4XR4gNXpBGLue7U4+gA121fAUhAEEHDC7Ge2pwXoQK/jGGKwEbTgB/gaGzg9+sFT+xSG O+QsrCxVttZbGSN8s24K6sA2YvbjeVVIPjYn/WJqLb+CESyiWTcSRjzfTBUdwEL8/IXW 6LWyzYE2hDTwSJycfSGkpOetxq4ApKPRag9l5IvEWQcE9BySxNrhLFNqpqc/5IlFupbb TWIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=q2FH9ygTYP4bGmmAWbZOVsau0whOeuWdBdGudhH9PGU=; b=N1/ow8OazdsPYmwng8bZiixcx/jIVw00Z7YrrXYgPCaiEHPq/lceuwA/gg85rIqhcm D0tMZ74vyvhE68hgOC5oOzVqKIigCIPq++trouS56eZkxctG3MSamMLygArq/DPrVu0G Dkrdusky803VpQ8d42kChL3siPv/LH0N2QG7bDMK8nHCPmnrirYEp0Wma5g0w5J0kEgi G0rzvjHlWEVR0HLm+CKEHYY6rJBBUxb4s/QUBJOIlea1ynMIfwbO/I1Jx5EcJHeAk7dZ jtCDxE9c36x+A5mAMxNilwFCfn/CkF/k2yBZ+4UL34mNFlm/vTjSCX4KgO/rcwbqz3EL yWWA==
X-Gm-Message-State: APjAAAWk6flHo6eLW1dYo53einetgEPQ7Naeyy1j7qfs70LEOEfziG3o mCsblSVxKemPyYfq+ratUD2roVDlfa/L6fXY39I=
X-Google-Smtp-Source: APXvYqzXzYGOypodT3wFTw8he8q3m2lZI5p1vQch5685pC9AJyYBPo4AfqbhlPIpHg4Xz9/Rw/dLcZPdXi68HtBUUcY=
X-Received: by 2002:a05:6830:1249:: with SMTP id s9mr59204334otp.33.1563913107534; Tue, 23 Jul 2019 13:18:27 -0700 (PDT)
MIME-Version: 1.0
References: <381E492B-BE40-4AAE-B581-FC3CB90C7A38@nist.gov>
In-Reply-To: <381E492B-BE40-4AAE-B581-FC3CB90C7A38@nist.gov>
From: Job Snijders <job@instituut.net>
Date: Tue, 23 Jul 2019 20:18:15 +0000
Message-ID: <CACWOCC-CA7ocrLhceTDDDUXw0qn1JS-T_HW0G3sMT1Qqpp=_bg@mail.gmail.com>
To: "Montgomery, Douglas (Fed)" <dougm=40nist.gov@dmarc.ietf.org>
Cc: John Scudder <jgs=40juniper.net@dmarc.ietf.org>, "draft-ietf-sidrops-validating-bgp-speaker@ietf.org" <draft-ietf-sidrops-validating-bgp-speaker@ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/_r_--ESqsWukU0roJFDj8xmEawE>
Subject: Re: [Sidrops] Multiple origin validation states in draft-ietf-sidrops-validating-bgp-speaker
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jul 2019 20:18:30 -0000
On Tue, Jul 23, 2019 at 8:16 PM Montgomery, Douglas (Fed) <dougm=40nist.gov@dmarc.ietf.org> wrote: > > So we are talking about a single update containing two instances of the validation result community? > > Now, I really wonder how this can happen? > > Isn't this a sign that the RS is either (a) broken and inserting two results itself, or (b) the RS is ignoring the requirement to strip the community upon receipt? Or it didn't come from the route server, or the route server just passed it on. We can't know from the BGP session itself whether the route server does validation, and we can't know where the route server got its routing information from. We can't really trust it. Kind regards, Job
- [Sidrops] Multiple origin validation states in dr… John Scudder
- Re: [Sidrops] Multiple origin validation states i… Montgomery, Douglas (Fed)
- Re: [Sidrops] Multiple origin validation states i… Job Snijders
- Re: [Sidrops] Multiple origin validation states i… Daniel Kopp
- Re: [Sidrops] Multiple origin validation states i… Matthias Waehlisch
- Re: [Sidrops] Multiple origin validation states i… John Scudder