nanog mailing list archives

Re: HE.net BGP origin attribute rewriting


From: Joe Provo <nanog-post () rsuc gweep net>
Date: Fri, 1 Jun 2012 20:53:37 -0400

On Fri, Jun 01, 2012 at 08:03:50PM +0200, Daniel Suchy wrote:
> On 06/01/2012 07:38 PM, Joe Provo wrote:
>> You clearly did not read the previous posts involving actual historical 
>> evidence [and apparently ongoing] of remote networks attempting action 
>> at a distance knowing that many overlook this part of the decision tree.
>> Preventing your company from bleeding money or degrading performance at
>> whim of remote parties certainly is "cool" but also just good business
>> and proper network hygiene.
>
> By overwriting origin field, there's no warranty that someone improves
> performance at all - it's just imagination.

Cost and performance were merely two reasons someone may wish to prevent
remote parties from using origin to influence outbound traffic from my 
network.  I can state it is not imagination when I encountered networks
doing this in the past for prefixes they were sourcing. To be clear - 
these were prefixes being sourced by a neighbor who was providing 
different origin codes on different sessions. Either they were [to
Nick Hilliard's point] using different kit and unaware of the different
implementations or [as evidence bore out] purposefully shifting traffic
without arrangement on links that were worse for me and in violation 
of the agreement we entered into when peering.

> In extreme cases,
> performance can be degraded when someone in the middle plays with origin
> field and doesn't know reasons, why originating network uses something
> else than IGP origin.

The issues that were repeatedly mentioned were not 'use something 
other than origin IGP'. Rather, two clear examples were:
- a party in the middle adjusting prefixes not of their origin with 
  the express intent of attracting traffic [from paying downstreams]
- a directly connected party cost-shifting long-haul carriage for their
  sourced prefixes without prior arrangement

> In RFC 2119 words, full implications were not
> understood - when this overwriting is done generally.

I think you're trying to make sense here but it isn't coming through.
You are saying that dealing with someone shifting costs to my network
*after* asking them what they were doing and getting no useful reply
is not thinking it through?

> Also, there must be some historical reason, why origin should not be
> rewritten (this changed in January 2006). For internal reasons within
> the network operator still has enough knobs to enforce own policy (by
> setting localpref, med on his network).
 
There certainly were historical reasons for treating origin as sacrosanct.
Time has marched on and those reasons are now *historical*, hence the 
quite reasonable update to the RFC. You seem to fail to understand that 
MED comes after origin on the decision tree, and therefore someone can 
influence traffic carriage without agreement.

Cheers,

Joe

-- 
         RSUC / GweepNet / Spunk / FnB / Usenix / SAGE / NewNOG
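
The decision-tree point made in this message (origin is compared before MED), as an added example that is not part of the original post: a simplified best-path comparison in Python showing that a locally set MED cannot override a neighbor's differing origin codes, while overwriting origin on ingress lets local policy decide. The session names, AS number 64500 and MED values are constructed assumptions, and only four steps of the real decision process are modelled.

```python
from dataclasses import dataclass, replace

# BGP ORIGIN codes; lower is preferred (IGP < EGP < INCOMPLETE).
IGP, EGP, INCOMPLETE = 0, 1, 2

@dataclass(frozen=True)
class Path:
    session: str      # constructed label for the peering link
    local_pref: int
    as_path: tuple
    origin: int
    med: int

def preference_key(p):
    # Simplified subset of the decision process, in evaluation order:
    # highest LOCAL_PREF, shortest AS_PATH, lowest ORIGIN, lowest MED.
    return (-p.local_pref, len(p.as_path), p.origin, p.med)

def best_path(paths):
    return min(paths, key=preference_key)

def ingress_policy(p, local_med, normalize_origin):
    # Local policy on receipt: always set our own MED, and optionally
    # overwrite ORIGIN so the neighbor's value no longer matters.
    p = replace(p, med=local_med[p.session])
    return replace(p, origin=IGP) if normalize_origin else p

# Constructed sample: one neighbor (AS 64500) announces the same prefix on
# two sessions with different origin codes.
RECEIVED = [
    Path("near-link", 100, (64500,), INCOMPLETE, 0),
    Path("far-link", 100, (64500,), IGP, 0),
]
# Our own preference: leave via near-link (lower MED wins).
LOCAL_MED = {"near-link": 10, "far-link": 50}

def select(normalize_origin):
    paths = [ingress_policy(p, LOCAL_MED, normalize_origin) for p in RECEIVED]
    return best_path(paths).session

if __name__ == "__main__":
    print("local MED only:           ", select(False))
    print("local MED + origin reset: ", select(True))
```
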

