nanog mailing list archives
Re: ROVER routing security - its not enumeration
From: Doug Montgomery <dougm.tlist () gmail com>
Date: Wed, 06 Jun 2012 14:13:41 -0400
On 6/5/12 3:40 PM, Randy Bush wrote:
>> There are a number of operational models that provide the needed routing protection without enumeration. I can see a use-case for something like: "Build me a prefix list from the RIR data"

> this requires a full data fetch, not doable in dns.
>
> and, at the other end of the spectrum, for any dynamic lookup on receiving a bgp announcement, the data had best be already in the router. a full data set on an in-rack cache will go nuts on any significant bgp load.
>
> beyond that, you are in non-op space.
>
> randy
I think we debate the superficial here, and without sufficient imagination. The enumeration vs. query issue is a NOOP as far as I am concerned. With a little imagination, one could envision building a box that takes a feed of prefixes observed, builds an aged cache of prefixes of interest, queries for their SRO records, re-queries for those records before their TTLs expire, and maintains a white list of "SRO valid" prefix/origin pairs that it downloads to the router.
Let's call that box an SRO validating cache. Where do you get the feed of prefixes of interest? From your own RIBs if you are only interested in white lists proportional to the routes you actually see, e.g., feed the box iBGP. From other sources (monitors, etc.) if you would like a white list of every known prefix that anyone has seen.
What about a completely new prefix being turned up? ... we could talk through those scenarios in each approach.
How does the cache download the white list to the router ... we already have one approach for that. Add a bit to the protocol to distinguish semantics of SRO from ROA semantics if necessary.
Point being, with a little imagination I think one could build components with either approach with similar black box behavior.
If there are real differences in these approaches it will be in their inherent trust models, the processes that maintain those trust models, the system-level behavior of the info creation and distribution systems, and the expressiveness of their validation frameworks.
dougm