Re: [Sidrops] [GROW] IXP Route Server question
"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Sun, 13 March 2022 16:20 UTC
Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 0B0993A0D7E;
Sun, 13 Mar 2022 09:20:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.112
X-Spam-Level:
X-Spam-Status: No, score=-2.112 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
FROM_GOV_DKIM_AU=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01,
URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=nist.gov
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id oiEB-f_ec6ZV; Sun, 13 Mar 2022 09:20:09 -0700 (PDT)
Received: from GCC02-DM3-obe.outbound.protection.outlook.com
(mail-dm3gcc02on2071a.outbound.protection.outlook.com
[IPv6:2a01:111:f400:7d04::71a])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id A5A0B3A0D77;
Sun, 13 Mar 2022 09:20:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=ikzyqBbWDHTeC66dKERdZahrcZv8ZH7GTk/u8bXTDChrjgLskLQobdpw8+/JXJSksJmcquqFPDC0LQ13ode+g4oo5zywWTSMPBQug0JvFrEgnt8D8Ch8Tu0UbtC1XNzGJN9DvKwd7Up6N+c3ivDNg17fG/2ploDiXHlChYrlXCp7e1ZWg0MsUdrGd3wuqwqjzl+lTENh/ZkggpjVtTbwc5j9WV+FVwGjHYBQ9OB1tMuQGcM6AerQ1HbqiFp9Y8T3H7OP6oghKiEiajlG6GvHCIUCTJU4Sg12TcPk/vvVPo2XfY1S0vrOSW0SJ+h8QvIkQFe5jGWlymxWQ4RwZzm5RA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=E3B18YyePMx3lultaVjOnRQ/j1CHaWT1lJ/ivAABSX0=;
b=GpIiENl5NEyKmBS4cwXvUUF9k3t2MUFEWcE7qOhu991wkhFHAdBCJrDH1X+OxqbL53gbeEmjRavm8AKm/zzWHRszMGAPTMPKaVZxrqdgMPWqXlbdpNGdyZVth5VqVnTyKtcePFGmmljtAZuqWGxRWrCUgiqGazmjqY6YwKf1MtcO9+tLqJ0PUEjDiYiwpWObLLzIKOh2hLolpd571XwCeL5gtpIYzOmymvW8sj/stXPKsieLmFvXFlCSux4wDwdbvyRi7EslE8N/ON1y7jOL9sWWT0tpjqkQpypvpKWiF8VGUi+RRlhSSIwt47K3YC80igQqnxystedHLj+urS7R1A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov;
dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=E3B18YyePMx3lultaVjOnRQ/j1CHaWT1lJ/ivAABSX0=;
b=ZXBp0KDntMPcD9hUQrXLFDDWO6xsxOKI22V5emOp6OhanPP1NQD5HFwPb5w0G6x4PrXJS7XvVuxSZ+Qd8mV9ayIPxJI77HoVwrmaznPpnGHj4SkZlDEBgXXQXmMkFvqwzd9+zytO+rkYcZUHV/vAnTnLJHp2S7VZllRvbtQBC28=
Received: from SA1PR09MB8142.namprd09.prod.outlook.com (2603:10b6:806:171::8)
by SA1PR09MB7806.namprd09.prod.outlook.com (2603:10b6:806:17d::5)
with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5061.21; Sun, 13 Mar
2022 16:20:02 +0000
Received: from SA1PR09MB8142.namprd09.prod.outlook.com
([fe80::c99c:1af3:8454:5d6a]) by SA1PR09MB8142.namprd09.prod.outlook.com
([fe80::c99c:1af3:8454:5d6a%6]) with mapi id 15.20.5061.026; Sun, 13 Mar 2022
16:20:02 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: Nick Hilliard <nick@foobar.org>, Ben Maddison <benm@workonline.africa>
CC: "grow@ietf.org" <grow@ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
Thread-Topic: [GROW] IXP Route Server question
Thread-Index: AdgzI9AepbPeSUXIRROpCLpxuIKvkgAD5f2AAD5dAsAAKdbBgAARKN2AAFDlyAAAJHTCoA==
Date: Sun, 13 Mar 2022 16:20:02 +0000
Message-ID: <SA1PR09MB814204C76C23025F166E29FA840E9@SA1PR09MB8142.namprd09.prod.outlook.com>
References: <SA1PR09MB8142093BE50A27A7EED132D884099@SA1PR09MB8142.namprd09.prod.outlook.com>
<0db7749f-66fd-5def-a8bb-3ee316cf2ca1@foobar.org>
<SA1PR09MB81421BCBA7FB59615A7638A5840B9@SA1PR09MB8142.namprd09.prod.outlook.com>
<fa0b5b32-6541-f493-e02b-fe75d44dacd5@foobar.org>
<20220311072307.gymne3ofnfsrinkc@benm-laptop>
<517ea9bd-4ee1-44cb-3373-eb0552191b2b@foobar.org>
In-Reply-To: <517ea9bd-4ee1-44cb-3373-eb0552191b2b@foobar.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=nist.gov;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a5f3ad07-626e-4433-db2c-08da050d53e0
x-ms-traffictypediagnostic: SA1PR09MB7806:EE_
x-microsoft-antispam-prvs: <SA1PR09MB78063193B6B9095362EB479E840E9@SA1PR09MB7806.namprd09.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Dhp52VAu9eKDUXlwsbNIQt3p3KIodRgsiSRAiXflHVkPpqsaciGbzZ8djBf327wzY0HeSJKLEYUyFhcVfwXUh6zHlL2yuk40fVqOjhFP1Ga4iWEmcDAZOuwYCjmOzj3OAE1IscYK+ZV1HJ7LLEMT3jmR0AvfgfI88QBDBWvHjCBy/PRlvitzL8VHi4aQ/ppNXstbyva39EfF3umIMRaBUpWMzr1rL0KYFrat1d65cqX+YICYTgxmyAOYL46UJV8tg465iEEZGqQMZEEvUCxFpMo3KCbQCDtcGYq4JE4q3gx38AbrQsP49x+rYGE1rpcetlJCs7/GnQ/W69ekLuv0U+M8+/CQkYp+Owii8rCZq49l0YBr2G1b8eh3dbgLbMe3baMVZ+yoHifP+x/bkaau161CGvIOK0afDPAgRVY7i3WoD9MMHcj9oP9pt5fehytRCaBgSg1zHGg9IcYP55N9F69N8hFWNDyLBeL7TfS9NXwzBvUaM8lf0oEX2uiDd0VaLLpgYkA4EHF8VxZWUF53kAOGArOTJBpMX8s8cFMuSwwxqds8phDJ7OVECoZrraE0WeMwxTEm5ru83X+ap1TSIMON2i4oRltwRmFD4Jztr72L0uzQzqL7mSSws1Poh1O+84KwPZuV388pjR5zrqKNPR0GFY2lKyuTZ5y0PxoxysouzeXf/iUQvqI2f4ePzzDcXFP6Vec7U/UUI8NEhhQBlg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM;
H:SA1PR09MB8142.namprd09.prod.outlook.com; PTR:; CAT:NONE;
SFS:(13230001)(4636009)(366004)(54906003)(71200400001)(110136005)(186003)(83380400001)(26005)(508600001)(33656002)(66556008)(4326008)(76116006)(8936002)(38070700005)(5660300002)(86362001)(82960400001)(66476007)(66446008)(64756008)(122000001)(8676002)(66946007)(316002)(9686003)(7696005)(2906002)(6506007)(38100700002)(52536014)(55016003);
DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Ze/sskyEHhwejk+tbyxVCcx8Hpjv8vs1SHdlxsunpYsh7y+D21BpXML/ovZF?=
=?us-ascii?Q?u5bnGqXBs66VtyGEFIceiUaF+HQ6NUakNY2cs2XFyZsoyStFIepjGx1NILaw?=
=?us-ascii?Q?ssyvW1jsTNyYq5ON0twaUOavyyxlevxxFcC6amC1lS0jCRy36DZ5YObN3x/x?=
=?us-ascii?Q?RmwGYl5+ed2OCvha6APeggRyLAWZyNhnJrVo7ycafSXTo0Vi+fA44ko88r2P?=
=?us-ascii?Q?v7hiiMIeKvc5DWVAJ9h8xMQakQ2WoeWElK+aKMGa35QmH3YUsjXrSqSkk0J3?=
=?us-ascii?Q?PgbcBpTvXUOq+yKL4XrI901fjWI+3XGUlr+vPRXK1krKRyCO1B6mQlpYAhoI?=
=?us-ascii?Q?swQTRWW5b2vDSj9RXLrwzmoO+WfWI7W8/djnCXneyaO36gl/HNS5hI4aLkBw?=
=?us-ascii?Q?r/jfC5G9iFnHGTiwBHgIcWLhtCTNZNb0ecDzJEZ2fQVAJwV47HWJSwO+pek9?=
=?us-ascii?Q?ycXohxDk3MQQgDfjmkFjXzPT54Ys9VAmkjFpXAO6uGWLYhUwhf7C+JOCltPn?=
=?us-ascii?Q?I9+F9uCcX+joZOI1xRrFvFVljuGO1nOTsSSwkuezn6JcgvIaDI6KIt7bQ/eV?=
=?us-ascii?Q?KjcLDu/bcaG0DYG0VeIMOqTCG444hjMH91sukM7u9hPHN+dQFpprYZwEnl1T?=
=?us-ascii?Q?gzAxKZhq7BTKdWsUsyFp579/CO7PQvwc9qBR1BzPThTYamcf+IrSBC0PSy1T?=
=?us-ascii?Q?DLi0eJbReXAQVeLIBRG+a5yBcTsx6b632YUvNVyBUAHP/3E5qWgWkau2EUyt?=
=?us-ascii?Q?gobm6xoiehFNaL2+K1Vn7cITrran5Z299fpit05mogyIecWJnevoOrIpDvqK?=
=?us-ascii?Q?c3r59vNfyGlccrC2lA5/iAdkC/ctGhrqutOviS92rshfCvexRc+3zykaNngR?=
=?us-ascii?Q?iveH8j/PASkXvS1O41CBcXO9QKmE4FiL4/h1+8dM20sCPLc5OpnhP71prcnw?=
=?us-ascii?Q?kchkp3quiPmiCU+zIoWOx0jITrnfGi+qufet1a5dhV9ODu2OWCLOhvPnc+le?=
=?us-ascii?Q?3IPF0bs8NxXhBtmFpM2DDkX1oucxMmdn9QMTWM26snl90tl5DGq5uVv7TsZ8?=
=?us-ascii?Q?gSf3rhzug0ZkvUKkU9f3UX3vanp+2bwCo6c093+R6WnySVXSWpYz2/MDChri?=
=?us-ascii?Q?bYOAzwCeaSMO+wZ6npNC9BhXHkM574fua7j7iUwOikov267seTyvDw8DayXN?=
=?us-ascii?Q?q6Cr+Y86N3exeTu8L7qleiAAX62iMd66frletm5m4eoeZ0D0oHC06LiWCF4t?=
=?us-ascii?Q?yBIxW0JJD0etAPVd997tjIJJDtb4cJhBPI+Y8uW18TAL7n4TUYRTLATqo5n5?=
=?us-ascii?Q?WVtuCcVQDK3CVagoMSEvmBZg161RUobrZPXdQMI6/f9esGkqsycpET5fVChN?=
=?us-ascii?Q?jgcq5SiiPKotTQsrmBkYzonge6M8InpJOfghlueQFMwS/1+mJ9M6ZTzTFEvu?=
=?us-ascii?Q?Fh13rCt3ZFg=3D?=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR09MB8142.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a5f3ad07-626e-4433-db2c-08da050d53e0
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Mar 2022 16:20:02.5210 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR09MB7806
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/bVgLEB6r-uo7XLAoXqkCrohjrGk>
Subject: Re: [Sidrops] [GROW] IXP Route Server question
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>,
<mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>,
<mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Mar 2022 16:20:14 -0000
Nick,
>Ben Maddison wrote on 11/03/2022 07:23:
>> Essential, I would think: how could a far end relying party know that
>> an AS in the middle of a received AS_PATH is a non-transparent IXP RS
>> in order to apply any other treatment?
>given that they're a shrinking rarity, would it not make sense to completely exclude non-transparent RSs from the ASPA definition? In the short term this would cause problems for ASNs which connect to non-transparent RSs, but there are hardly any left, and only one sizeable one.
>I wonder whether it's a good idea to design a long term security mechanism which includes a specific carve-out for a legacy corner case like this.
Not sure why Ben even raised that question. To me, it doesn't seem relevant. In the route leak detection procedures, the receiving/validating AS does not require information about the nature of ASes (RS or not RS) in the AS Path except for the sending/neighbor AS which it knows to be an RS in case it knows itself to be an RS-client. The procedures rely only on ASPA objects for the origin AS and ASes in the middle.
Sriram
- [Sidrops] IXP Route Server question Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] IXP Route Server question Christopher Morrow
- Re: [Sidrops] [GROW] IXP Route Server question Christopher Morrow
- Re: [Sidrops] [GROW] IXP Route Server question Nick Hilliard
- Re: [Sidrops] [GROW] IXP Route Server question Robert Raszuk
- Re: [Sidrops] [GROW] IXP Route Server question Robert Raszuk
- Re: [Sidrops] [GROW] IXP Route Server question Christopher Morrow
- Re: [Sidrops] IXP Route Server question Ben Maddison
- Re: [Sidrops] IXP Route Server question Randy Bush
- Re: [Sidrops] IXP Route Server question Randy Bush
- Re: [Sidrops] [GROW] IXP Route Server question Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] IXP Route Server question Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] IXP Route Server question Nick Hilliard
- Re: [Sidrops] [GROW] IXP Route Server question Ben Maddison
- Re: [Sidrops] [GROW] IXP Route Server question Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] IXP Route Server question Zhuangshunwan
- Re: [Sidrops] [GROW] IXP Route Server question Nick Hilliard
- Re: [Sidrops] [GROW] IXP Route Server question Randy Bush
- Re: [Sidrops] [GROW] IXP Route Server question Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] IXP Route Server question Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] IXP Route Server question Nick Hilliard
- Re: [Sidrops] [GROW] IXP Route Server question Zhuangshunwan
- Re: [Sidrops] [GROW] IXP Route Server question Mosher, Rob