Re: [Sidrops] [GROW] ASPA and Route Server (was RE: IXP Route Server question)
Zhuangshunwan <zhuangshunwan@huawei.com> Thu, 24 March 2022 12:19 UTC
Return-Path: <zhuangshunwan@huawei.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id F00F73A1111;
Thu, 24 Mar 2022 05:19:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H5=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 9CTu1P8NXofm; Thu, 24 Mar 2022 05:19:39 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com
[185.176.79.56])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 73A0E3A0E1D;
Thu, 24 Mar 2022 05:19:39 -0700 (PDT)
Received: from fraeml715-chm.china.huawei.com (unknown [172.18.147.207])
by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4KPPQ86PVzz67yJg;
Thu, 24 Mar 2022 20:18:24 +0800 (CST)
Received: from kwepeml500001.china.huawei.com (7.221.188.162) by
fraeml715-chm.china.huawei.com (10.206.15.34) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.24; Thu, 24 Mar 2022 13:19:34 +0100
Received: from kwepeml500004.china.huawei.com (7.221.188.141) by
kwepeml500001.china.huawei.com (7.221.188.162) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2308.21; Thu, 24 Mar 2022 20:19:33 +0800
Received: from kwepeml500004.china.huawei.com ([7.221.188.141]) by
kwepeml500004.china.huawei.com ([7.221.188.141]) with mapi id 15.01.2308.021;
Thu, 24 Mar 2022 20:19:33 +0800
From: Zhuangshunwan <zhuangshunwan@huawei.com>
To: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>, "Jakob Heitz
(jheitz)" <jheitz@cisco.com>, Jeffrey Haas <jhaas@pfrc.org>
CC: "sidrops@ietf.org" <sidrops@ietf.org>, "grow@ietf.org" <grow@ietf.org>,
Nick Hilliard <nick@foobar.org>
Thread-Topic: [GROW] [Sidrops] ASPA and Route Server (was RE: IXP Route Server
question)
Thread-Index: AQHYPULXMMKnMnklKEmxZqImduurxazKE6GAgAA0FfCAAJnqAIACbjJQgAEiQvA=
Date: Thu, 24 Mar 2022 12:19:32 +0000
Message-ID: <1261bf25fc5e49b7a09a3837eafa668b@huawei.com>
References: <BY3PR09MB81315D53064951F865F2A23884109@BY3PR09MB8131.namprd09.prod.outlook.com>
<SA1PR09MB814268C7DB52D8758817217984159@SA1PR09MB8142.namprd09.prod.outlook.com>
<CABNhwV30Guy28qBR_eA==CUy2Xj24OfPwxV0n2gFF7wVrgBMpg@mail.gmail.com>
<BYAPR11MB3207DE083AD888F3C963E347C0169@BYAPR11MB3207.namprd11.prod.outlook.com>
<a07986fb2d7147c0abb36229237d8982@huawei.com>
<B1660213-CEB8-48C1-B44E-DC3D43510031@pfrc.org>
<BYAPR11MB32077BA1382FC96F88A26248C0169@BYAPR11MB3207.namprd11.prod.outlook.com>
<SA1PR09MB81422068759D8D1A4258F5FD84169@SA1PR09MB8142.namprd09.prod.outlook.com>
<473f0482508e4b2e86e76986c74828f9@huawei.com>
<SA1PR09MB8142AB44A641DB48140F991884189@SA1PR09MB8142.namprd09.prod.outlook.com>
In-Reply-To: <SA1PR09MB8142AB44A641DB48140F991884189@SA1PR09MB8142.namprd09.prod.outlook.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.108.152.178]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/gw6E9e9ihaRBkat462nrL7Yy33Q>
Subject: Re: [Sidrops] [GROW] ASPA and Route Server (was RE: IXP Route
Server question)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>,
<mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>,
<mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2022 12:19:46 -0000
Hi Sriram,
Functionally, your solution does detect the route leak.
But the actual operation may be difficult, how to encourage so many RS Clients to claim their ASPAs?
Or do we need to create an ASPA database with such ASPAs locally by collecting and analyzing Internet routing and data?
In a project I've been through, we did do something similar. We mine those RS Clients that are interconnected by IXP RS, and then create a P2P relational database for them.
Take the following topology as an example:
AS1 (RS Client) -----> AS2 (RS) -----> AS3 (RS Client) ---p2p (lateral peer) ---> AS4 (validating AS)
\
\
AS5(RS Client)
By some probing we can find AS1/AS3/AS5 are AS2 (RS)'s clients, so we can add AS-Pairs: {AS1 AS3}, {AS1 AS5}, {AS3 AS5} into the local P2P AS-Relationships database.
By the similar method, we can also create a local RS-Client to RS ASPA database.
Kind Regards,
Shunwan
> -----Original Message-----
> From: Sriram, Kotikalapudi (Fed) [mailto:kotikalapudi.sriram@nist.gov]
> Sent: Thursday, March 24, 2022 3:01 AM
> To: Zhuangshunwan <zhuangshunwan@huawei.com>om>; Jakob Heitz (jheitz)
> <jheitz@cisco.com>om>; Jeffrey Haas <jhaas@pfrc.org>
> Cc: sidrops@ietf.org; grow@ietf.org; Nick Hilliard <nick@foobar.org>
> Subject: RE: [GROW] [Sidrops] ASPA and Route Server (was RE: IXP Route
> Server question)
>
> Hi Shunwan,
>
> >> AS1 (RS Client) -----> AS2 (RS) -----> AS3 (RS Client) ---p2p (lateral peer) --->
> AS4 (validating AS)
>
> >2. AS3 is not included in the set of C2P AS numbers set registered by AS1;
>
> #2 (above) from your list is what we have focused on as a solution. Please
> see my previous post responding to Jakob where the set of ASPAs is
> enumerated.
>
> Sriram
- [Sidrops] ASPA and Route Server (was RE: [GROW] I… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] ASPA and Route Server (was RE: [GRO… Zhuangshunwan
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] ASPA and Route Server (was RE: [GRO… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Gyan Mishra
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Zhuangshunwan
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Gyan Mishra
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jeffrey Haas
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Zhuangshunwan
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Jakob Heitz (jheitz)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [GROW] ASPA and Route Server (was R… Zhuangshunwan