IETF Logo Mail Archive

Re: [Sidrops] IXP Route Server question

Ben Maddison <benm@workonline.africa> Tue, 08 March 2022 21:39 UTC

Return-Path: <benm@workonline.africa>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1EC13A1854; Tue, 8 Mar 2022 13:39:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.11
X-Spam-Level:
X-Spam-Status: No, score=-2.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=workonline.africa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7f8ASNotNgOu; Tue, 8 Mar 2022 13:39:24 -0800 (PST)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02on062a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe06::62a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 368913A184D; Tue, 8 Mar 2022 13:39:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WUEcgndOVmwtwTYUb1i066kVO52sqk9HBWjpPdNytl0njcp7DfzpJ4luhOHsZlpPT5UyBfg4f4QFI78M4oG8xil6reGPPJuFDOs5JP8p+GTFXfNcxlpYilgeNuaH1uxQNVxNn0FkUEtKqLm5Do/2ve9mnBStntoOUBZ8JMv8zML3MzvGGbKfIPqbRCblWVnnlT4OJt7ZFnZWyzqVRg+cJbGuNOQwG3bP/PBiFWQraMWfWXOJoWR+9F/NqDGdm+pP474wKS63pyh0nIcKwUwqrxAZ04m4NCcMx6rIVQcHXRIwaOzVczp7pUWMJYpt0G9jSfKIJRyLk4lkGzDk0B7W8A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=25WrRrNtCaJFz4Jx56aIiteq1rAUMT6zFxzJZIDuCsg=; b=BZedST+e0WNsv/fa3FkaUw4RIqUvskSXUr4YV2OYuDd7ovwzAApm4h3UtxKgGEYupzHnaFYszT3fFgqVODIDSNaZzJRN0AZrpjyOvyJo8Eu421ZEfF4/ddDWFWlVx0jzM++W1st1VWQKOfxKtYsm0+QHaeBwoQNEhTgBaETkUNLMAjFi9QLoSC5oLyf/FIVmm3AC/GjeGjT4cphsl/w67I+fnDR7sXn7SpVAV7NzaHawobXSCmtrdSj1HHDsbxM4qqkLdE/PJfGBtNt4k5tVnwCEkLyCaN1s5wi/XtVTZnmJ+2Gkkh1cTxQ0VBY918y+3MuowDeKADidwsAKBli1Cg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=workonline.africa; dmarc=pass action=none header.from=workonline.africa; dkim=pass header.d=workonline.africa; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=workonline.africa; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=25WrRrNtCaJFz4Jx56aIiteq1rAUMT6zFxzJZIDuCsg=; b=Vo/Yyl6ajzGA7T1oqT5pZjaSI2Ss46yuyGY7s8wE0ycnov9cSRCs4rAuhSfucvmuj9BdOnKOvxWygM8wvvJMtHjydBbrVaCIeUEJ/6bKGNmguAo2AX0G6IrSLchs/zD+MLUVVQM/+UuKFD8Oj8YixM90UED6+dZM+ISScI2eVdk=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=workonline.africa;
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13) by AM4P190MB0115.EURP190.PROD.OUTLOOK.COM (2603:10a6:200:5e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5038.19; Tue, 8 Mar 2022 21:39:16 +0000
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::c1c0:78a0:e699:848b]) by AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::c1c0:78a0:e699:848b%6]) with mapi id 15.20.5038.027; Tue, 8 Mar 2022 21:39:16 +0000
Date: Tue, 8 Mar 2022 23:39:07 +0200
From: Ben Maddison <benm@workonline.africa>
To: Christopher Morrow <christopher.morrow@gmail.com>
Cc: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram=40nist.gov@dmarc.ietf.org>, "grow@ietf.org" <grow@ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
Message-ID: <20220308213907.nwb6oe7qwixattga@benm-laptop>
References: <SA1PR09MB8142093BE50A27A7EED132D884099@SA1PR09MB8142.namprd09.prod.outlook.com> <CAL9jLaaB9k9-KjcERxM_TBqTduK1N+DaM=N8rpF9to0NdAQmzA@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="dwjegeeqldshwhhs"
Content-Disposition: inline
In-Reply-To: <CAL9jLaaB9k9-KjcERxM_TBqTduK1N+DaM=N8rpF9to0NdAQmzA@mail.gmail.com>
X-ClientProxiedBy: CTXP275CA0014.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100::26) To AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 2ed35ade-c96f-411f-72a5-08da014c1808
X-MS-TrafficTypeDiagnostic: AM4P190MB0115:EE_
X-Microsoft-Antispam-PRVS: <AM4P190MB011560D9FF040F40501C52BFC0099@AM4P190MB0115.EURP190.PROD.OUTLOOK.COM>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: P9fOz5xdO1G4iaTBwizNU1H4Kuss1kjg2Jr3SxCiudSCOrc/4YSglZB+D5UdVVo9v2l02dTcektIx1VpfKRe10wL+uX3T42ZLEo96NEvuiC6OPcy7l3BvVJMztrC/zlbw8YyOaLcNQbTCvY1oLp9VXKFGNIb+R6zPKm4lj/B2lhEZfdKG63VI36brp9S1lHbKGSKtsFMHMpyPUCj74Oc72lPjt5n5xap5b/unHLfny9n+awF3FbER6PyF+3PsQcUwb0AlN4mCAbfmAs9AaPBMcNmjQKiiwn11X48dWQpwYPa1HvZP7jTmxK9sHYhlZV6SCRSeAFQ1qi1l6Edc9anB+/p+/+KRkjagcickkPgV6S4K0OfFYizP5B+xyTf6rzpM+6UO0mKo73kFgudXjT1OST5LajHD/71oOkaiz1wr1RCgV/+qTjr9iNJltLknGqI+RZDJxNk6ADIjHqeqUtBAKJCv2/v4nuBvwGo7eaSOOvIWXiCiJeRuyBS3KXrYeb69K4yPsFSZ8exNKi1kv5lOGxI7eWZmTDUU75NMpIl8Z2vUbJbfYgUSw1xsAupiz4OEgeXY/wNoCO8ax3yEzaPUEp22WTDdz6w+vHphtxO/kab4T1cgwmmXy498JE33RKhFAW/ghgjFhVFvS8EByNJ241tqDeFThSHl5+k9Xp4v8SsSFtymZy38HK1OanDM8QJhS0dQav6IdBmaBz4nsZVmBwnAJFfebnwtbglV29XVTxRgYP5CCUej/X0nnD8p+Xu
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS8P190MB1078.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(7916004)(346002)(366004)(33716001)(26005)(38350700002)(38100700002)(21480400003)(83380400001)(6666004)(6916009)(54906003)(66946007)(66556008)(8676002)(66476007)(186003)(6512007)(9686003)(4326008)(2906002)(6486002)(1076003)(5660300002)(8936002)(86362001)(52116002)(508600001)(44144004)(53546011)(6506007)(46492015)(2700100001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?f5gEleA8wM3w9JEnZuIPexvX+yFh5UKMzG8kmGJSuPQbTyUkz5pAgA/MFQfk?= =?us-ascii?Q?oXrntfMOHJnkTONb4NqJkNnbzFe5jXW1oT1mA4l7NvR8z7TrvxQAyvq9UzBa?= =?us-ascii?Q?sEjXut/eqhjfeHk1YeM2BXkaL9GDj+OhEE8mH0h8n3EdThkWF9bNHnqfuei0?= =?us-ascii?Q?1qrdx2J2ZJXU2u+dkM9PykoqNKbKVZGSRjQOelPfJ4iWReDiPdYf5fRSipH3?= =?us-ascii?Q?ipQro66DQcwMpP/TD+bdBjJGlgzXSPjjFJfxwMkPEob9wOndUrS+XIPacqQW?= =?us-ascii?Q?tuwye1H6WxHJIjpDuC8EBt25oRxzEEAZX1POBRQ45tb5QZ90ycweKlboqOdd?= =?us-ascii?Q?cL1FMqNptzFdZPPXTJW7++I9+CX84fycMA19cjRwp99cDjeooyDxj9lj6eAE?= =?us-ascii?Q?YplBxzGDbHKQqh8KSmfLxAy0dTCVPfAqv5Odj3FSA5nj/+msifADc8WEKt3D?= =?us-ascii?Q?wnh3hS8RKHKAlSGK0goeD4YOw/0Rw/5Px7+xN2+4/UcOC+vJl7OLZlsv1TU2?= =?us-ascii?Q?O5MyIR3sylP+hv2XTo81TVLGXo+XPo8NVqYhI8ZtZHoTPnOef90v65DBoB4E?= =?us-ascii?Q?q4eAMK4aJ2qpUrTxGqPNe0yLkldk9UIFk+IxvjBnVq0iENjXz7u78EAzX5gM?= =?us-ascii?Q?wqr9TaEsi8AztEVyoy9jBqOzPClVs5PkxVKfWxTFa/oewBI5eNERuVjcB4mL?= =?us-ascii?Q?kY5miI+55THkxygine7659cJxcuPTYidx+oWLpkDk6OEZYyGhJhRwg7yEbIn?= =?us-ascii?Q?UwLhcf+L0OIKp3hAYWdwjuxhOA+VHmCDv3KYKF9XrRW1HbjEMyyU4XfXYPuU?= =?us-ascii?Q?774kRbRNjiEVrfbb9PMYx7UReqQvmyOdAs7EOz/EVhus8yb9c+NlRFMS9T8b?= =?us-ascii?Q?clMHD7av7O327BFUC9u1o0tgGlSw67s+t/yuOVTixYlL0x/jGtHDhOma5sHQ?= =?us-ascii?Q?wQxcgcrcchHZviQGKSFhh6dMlFXrDy4pq+B5j97h+l1H1irHj9GizB0c953o?= =?us-ascii?Q?6jv+KBDxx6tAbvbZ+yUKElR8zsqSBUVUeJcU/JXTL2okluxyk2/moVWbxNTr?= =?us-ascii?Q?Lgd+Vfg1D0K9T3fQ/5UZN64eJ+V0r9fLV7nDKYdXpLy7mH7d/ZhQojPzX1Wa?= =?us-ascii?Q?SEkZXAT49WJStH/xVauETp8pj9icmWJ1xSSS2TwGIl4AiRGxVUVzU1skqIEU?= =?us-ascii?Q?gIWg+Kz07fFFrCVamE7AxUkVwMX9bFYmEoQZXmMIQIHck1XxCpq5SF/FWyaM?= =?us-ascii?Q?i+XEuAb+QhMt/2rouORU962XJuLjuszwJ2nycGmRxkqXFUdwaua5WgnH9mpi?= =?us-ascii?Q?Z8p/8Azdg+sxSYYfHB3SChod+4XDJAAuXeVeneff++IpD/90B3Pd8G5lnPst?= =?us-ascii?Q?30bzmXZx3IIipp8QVNTR/7rap22Yf/TO/APDW+QyAPH/dP92LnHr97rc/T8R?= =?us-ascii?Q?nRmqG4gWm03P3wwhGZDIHLKcDfPwv2UTRWgktkM/FRtZr6ff6Gu9lU1MMsZR?= =?us-ascii?Q?GXKZyj30IuoPr6A3p4ig2nd1/3ClAiI8ANgxLSpZ/OxULFvVU7LWmGQbZNUk?= =?us-ascii?Q?cK0nUhrLoNqInSMwO1wbp5EiebC3xzcoS4XAxyRO5Yw/RWacuz2IlSSQV0pe?= =?us-ascii?Q?c1/7UAQzLwWhKeDHoh2XMcY=3D?=
X-OriginatorOrg: workonline.africa
X-MS-Exchange-CrossTenant-Network-Message-Id: 2ed35ade-c96f-411f-72a5-08da014c1808
X-MS-Exchange-CrossTenant-AuthSource: AS8P190MB1078.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2022 21:39:16.2131 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: b4e811d5-95e8-453a-b640-0fba8d3b9ef7
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 8dvEDb/cikMuXw5eT5AcRRiQA4BQzL0kEREjShQaOiD6zTEnD/1o5d7rbi8au4u7deyxTKfeXPZKRZrJ+rqODA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4P190MB0115
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/sAD8QVr32QIEVCuzczGX5zUx6ic>
Subject: Re: [Sidrops] IXP Route Server question
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Mar 2022 21:39:30 -0000

On 03/08, Christopher Morrow wrote:
> On Tue, Mar 8, 2022 at 2:36 PM Sriram, Kotikalapudi (Fed)
> <kotikalapudi.sriram=40nist.gov@dmarc.ietf.org> wrote:
> 
> > This question has relevance to the ASPA method for route leak detection.
> >
> > Is it possible that an ISP AS A peers with a customer AS C via a
> > non-transparent IXP AS B?
> > IOW, the AS path in routes propagated by the ISP A for customer C's
> > prefixes looks like this:  A B C.
> > I.e., can the AS of a non-transparent IXP/RS appear in an AS path in the
> > middle between an ISP and its customer?
> >
> >
> it seems unlikely to me that an ISP would pick up a 'customer' (someone
> that pays them to transport packets) at an IXP fabric.
> Might it happen? sure? is it messy? yes!
> 
I know of several transit providers that will allow customers to use an
IXP as a kind of virtual access circuit (which itself is a poor idea),
but I would be *very* surprised if any of them allow RS peerings to be
the control plane interconnection (intentionally, at least).

If the underlying question is "should the ASPA path validation algorithm
have a corner case that accommodates this?", that is a very, very firm
"no" from me!

Cheers,

Ben

v2.8.7 | Report a Bug | By Email