Re: [Sidrops] [GROW] Any credence to AS_SET in the *middle* between AS_SEQUENCEs?

Alexander Azimov <a.e.azimov@gmail.com> Tue, 26 July 2022 13:14 UTC

From: Alexander Azimov <a.e.azimov@gmail.com>
Date: Tue, 26 Jul 2022 16:14:36 +0300
To: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
Cc: Randy Bush <randy@psg.com>, Jeffrey Haas <jhaas@pfrc.org>, Nick Hilliard <nick@foobar.org>, "sidrops@ietf.org" <sidrops@ietf.org>, GROW WG <grow@ietf.org>, "draft-ietf-sidrops-aspa-verification@ietf.org" <draft-ietf-sidrops-aspa-verification@ietf.org>, Job Snijders <job@fastly.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/hedcI23nyKdm1iq8Augs01qyBvQ>

Hi all,

The current version of the draft follows the wording from
draft-ietf-idr-deprecate-as-set-confed-set

   BGP speakers conforming to this document (i.e., conformant BGP
   speakers) MUST NOT locally generate BGP UPDATE messages containing
   AS_SET or AS_CONFED_SET.  Conformant BGP speakers SHOULD NOT send BGP
   UPDATE messages containing AS_SET or AS_CONFED_SET.  Upon receipt of
   such messages, conformant BGP speakers SHOULD use the "Treat-as-
   withdraw" error handling behavior as per [RFC7606 <https://datatracker.ietf.org/doc/html/rfc7606>].


As you can see, it uses 'SHOULD'. And this was the reason to have an
additional 'Unverifiable' state, because the 'Invalid' routes MUST be
rejected.

If the WG agrees to change the normative language from 'SHOULD' to
'MUST', the ASPA document will follow.


On Sun, 24 Jul 2022 at 11:53, Sriram, Kotikalapudi (Fed) <
kotikalapudi.sriram@nist.gov> wrote:

> I think we can conclude that the outcome of the discussions in this thread
> is to make the following change in ASPA-based AS path verification:
>
> If an AS_PATH has one or more AS_SETs in any position, mark it as Invalid.
>
> At least four (perhaps all five) of us who participated in the discussion
> support this change.
>
> Thanks.
>
> Sriram



-- 
Best regards,
Alexander Azimov
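
The two outcomes discussed in this message, as an added example that is not part of the original e-mail or of either draft: it parses an AS_PATH attribute value, finds AS_SET segments in any position, and returns 'Unverifiable' or 'Invalid' depending on which wording is in force. It assumes 4-octet AS numbers; the function names, the `as_set_is_invalid` switch and the sample paths are constructed for illustration, and ASPA verification itself is not shown.

```python
import struct

# Path segment type codes (RFC 4271, RFC 5065).
AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET = 1, 2, 3, 4
KNOWN_TYPES = {AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET}


def parse_as_path(value: bytes):
    """Split an AS_PATH attribute value into (segment_type, [asn, ...]) tuples."""
    segments, off = [], 0
    while off < len(value):
        if len(value) - off < 2:
            raise ValueError("truncated segment header")
        seg_type, count = value[off], value[off + 1]
        off += 2
        if seg_type not in KNOWN_TYPES:
            raise ValueError(f"unknown segment type {seg_type}")
        end = off + 4 * count  # assumption: 4-octet AS numbers
        if end > len(value):
            raise ValueError("segment runs past end of attribute")
        segments.append((seg_type, list(struct.unpack(f"!{count}I", value[off:end]))))
        off = end
    return segments


def as_set_outcome(value: bytes, as_set_is_invalid: bool):
    """Hypothetical helper: return None when the path has no AS_SET (normal
    ASPA verification would proceed), else (state, segment indexes).

    as_set_is_invalid=False models the 'SHOULD' wording ('Unverifiable');
    as_set_is_invalid=True models the change proposed in the thread ('Invalid').
    """
    positions = [i for i, (t, _) in enumerate(parse_as_path(value)) if t == AS_SET]
    if not positions:
        return None
    return ("Invalid" if as_set_is_invalid else "Unverifiable"), positions


def seg(seg_type, *asns):
    """Encode one path segment (used only to build the constructed samples)."""
    return struct.pack(f"!BB{len(asns)}I", seg_type, len(asns), *asns)


# Constructed samples: an AS_SET between two AS_SEQUENCEs, and a plain path.
MIDDLE_SET = seg(AS_SEQUENCE, 64500, 64501) + seg(AS_SET, 64510, 64511) + seg(AS_SEQUENCE, 64520)
PLAIN = seg(AS_SEQUENCE, 64500, 64501, 64520)

if __name__ == "__main__":
    for name, path in (("MIDDLE_SET", MIDDLE_SET), ("PLAIN", PLAIN)):
        print(name, as_set_outcome(path, False), as_set_outcome(path, True))
```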