On Tue, Dec 19, 2017 at 10:50:29AM +0100, Gert Doering wrote: > On Tue, Dec 19, 2017 at 09:53:08AM +0100, Job Snijders wrote: > > Yes, route servers can be very useful, no question about it. I think > > their value as a service would increase if they become visible > > participants of the routing ecosystem. > > Not sure about that. IXP participants know where the route is coming > from, and why should it be of anyone else's concern whether I have a > direct peering with you, or use a RS for it?
When route leaks or hijacks occur, I approach all ASNs in the AS_PATH to figure out who originated it and which ASN(s) failed to apply filters. As I'm stating in this thread (ad nauseam), if the ASN of an involved BGP operator is not visible, I can't approach them and help them improve their operations. When we look at a blogpost like https://radar.qrator.net/blog/born-to-hijack it is easy to see that it is of paramount importance to ensure filters are applied on _every_ boundary in the AS_PATH, also the ones that are currently invisible. > > Gert, do you think it would affect your operations if the route > > server would insert its ASN into the AS_PATH? > > Yes. BGP works by comparing AS path lengths, you know :-) - and that > would cause significant work as direct peerings would automatically > have shorter AS paths than via-route-server peerings. > > Thus, traffic shift, which needs to compensated - like, by adding > extra prepends to direct peerings - which would have consequences for > the AS path lenghts seen by our customers. > > In other words: we asked for AS-Path transparent RSes 15 years ago, > and this is still what we want today. If I can summarize the above, you state "fiddling with the as_path length would negatively affect my operations" - but do you agree with my concern that a lack of visibility leads to a lack of accountability? Kind regards, Job _______________________________________________ GROW mailing list GROW@ietf.org https://www.ietf.org/mailman/listinfo/grow
