Re: [v6ops] Deaggregation by large organizations

Ted Lemon <Ted.Lemon@nominum.com> Wed, 15 October 2014 15:14 UTC

Return-Path: <Ted.Lemon@nominum.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CFE4C1A86DE; Wed, 15 Oct 2014 08:14:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hr69Pfi49-7y; Wed, 15 Oct 2014 08:14:15 -0700 (PDT)
Received: from shell-too.nominum.com (shell-too.nominum.com [64.89.228.229]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5248B1A8546; Wed, 15 Oct 2014 08:14:09 -0700 (PDT)
Received: from archivist.nominum.com (archivist.nominum.com [64.89.228.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.nominum.com", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by shell-too.nominum.com (Postfix) with ESMTP id 39FB61B8305; Wed, 15 Oct 2014 08:14:09 -0700 (PDT)
Received: from webmail.nominum.com (cas-02.win.nominum.com [64.89.228.132]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client CN "mail.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by archivist.nominum.com (Postfix) with ESMTP id 31AD553E076; Wed, 15 Oct 2014 08:14:09 -0700 (PDT)
Received: from [192.168.1.63] (71.201.198.58) by CAS-02.WIN.NOMINUM.COM (192.168.1.101) with Microsoft SMTP Server (TLS) id 14.3.195.1; Wed, 15 Oct 2014 08:14:08 -0700
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Ted Lemon <Ted.Lemon@nominum.com>
In-Reply-To: <F5C06CAF-0AD2-4225-8EE7-FC72CE9913F0@muada.com>
Date: Wed, 15 Oct 2014 10:14:02 -0500
Content-Transfer-Encoding: quoted-printable
Message-ID: <5B13739D-5BFD-467C-8DF0-D391508EB5C0@nominum.com>
References: <F5C06CAF-0AD2-4225-8EE7-FC72CE9913F0@muada.com>
To: Iljitsch van Beijnum <iljitsch@muada.com>
X-Mailer: Apple Mail (2.1878.6)
X-Originating-IP: [71.201.198.58]
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/Oy6r8CXvCxM0r2fZIdtAnoReKpE
Cc: v6ops@ietf.org, grow@ietf.org
Subject: Re: [v6ops] Deaggregation by large organizations
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Oct 2014 15:14:18 -0000

On Oct 15, 2014, at 7:29 AM, Iljitsch van Beijnum <iljitsch@muada.com> wrote:
> However, rather than advertising that block in BGP as a single prefix, or perhaps a handful of prefixes, like an ISP would, they subdivide this block within the organization and then many subunits advertise subprefixes through different ISPs. The aggregate may or may not be advertised.

Yuck.   Has anybody done an analysis of how this works with RPKI?   Seems like an obvious attack surface if the RPKI isn't present or isn't done right.
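The interaction the reply asks about can be shown with RFC 6811 route origin validation applied to the deaggregation pattern quoted above. The following is an added example for this archive page, not code from either correspondent: the organization's /32, the subunit /48s, the ASNs (from the RFC 5398/RFC 3849 documentation ranges) and the three ROA sets are all constructed.

```python
import ipaddress
from dataclasses import dataclass

# Constructed example: a Validated ROA Payload as used by RFC 6811 origin validation.
@dataclass(frozen=True)
class VRP:
    prefix: str        # prefix authorized by the ROA
    max_length: int    # longest prefix length the ROA permits
    asn: int           # authorized origin AS


def _net(prefix):
    return ipaddress.ip_network(prefix, strict=False)


def covers(vrp, route_prefix):
    """RFC 6811 'Covered': the VRP prefix equals or is less specific than the route prefix."""
    v, r = _net(vrp.prefix), _net(route_prefix)
    return v.version == r.version and r.subnet_of(v)


def matches(vrp, route_prefix, origin_asn):
    """RFC 6811 'Matched': covered, within maxLength, and the origin AS equals the VRP AS."""
    return (covers(vrp, route_prefix)
            and _net(route_prefix).prefixlen <= vrp.max_length
            and vrp.asn == origin_asn)


def validate(route_prefix, origin_asn, vrps):
    """Return the RFC 6811 validation state of one (prefix, origin AS) route."""
    covering = [v for v in vrps if covers(v, route_prefix)]
    if not covering:
        return "NotFound"          # no ROA says anything about this prefix
    if any(matches(v, route_prefix, origin_asn) for v in covering):
        return "Valid"
    return "Invalid"               # a ROA covers it, but none authorizes this announcement


def validate_all(routes, vrps):
    """Validate a list of (prefix, origin ASN) routes against one VRP set."""
    return {f"{prefix} AS{asn}": validate(prefix, asn, vrps) for prefix, asn in routes}


# Constructed scenario: the organization holds 2001:db8::/32 as AS64496; one subunit
# originates 2001:db8:1::/48 from its own AS64497 via a different ISP, another subunit
# originates 2001:db8:2::/48 from the parent AS. 2001:db9::/32 is an unrelated prefix.
ROUTES = [
    ("2001:db8::/32", 64496),
    ("2001:db8:1::/48", 64497),
    ("2001:db8:2::/48", 64496),
    ("2001:db9::/32", 64496),
]

# ROA set 1: only the aggregate is registered, exact length.
AGGREGATE_ONLY = [VRP("2001:db8::/32", 32, 64496)]

# ROA set 2: the aggregate registered with a loose maxLength to cover the subunits.
LOOSE_MAXLEN = [VRP("2001:db8::/32", 48, 64496)]

# ROA set 3: one ROA per announced prefix, each naming the AS that really originates it.
PER_SUBUNIT = [
    VRP("2001:db8::/32", 32, 64496),
    VRP("2001:db8:1::/48", 48, 64497),
    VRP("2001:db8:2::/48", 48, 64496),
]

if __name__ == "__main__":
    for name, vrps in (("aggregate only", AGGREGATE_ONLY),
                       ("loose maxLength", LOOSE_MAXLEN),
                       ("per-subunit ROAs", PER_SUBUNIT)):
        print(f"--- {name} ---")
        for route, state in validate_all(ROUTES, vrps).items():
            print(f"{route:28s} {state}")
```

With only the aggregate ROA, every subunit /48 validates as Invalid and is dropped by operators that enforce ROV; with a loose maxLength the /48 from the parent AS becomes Valid but the one from AS64497 is still Invalid. Only a ROA per announced (prefix, origin) pair makes the whole deaggregated set Valid, and RFC 9319 recommends that over a loose maxLength, because a permissive maxLength marks any more-specific announcement that claims the parent AS as Valid.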