Hi all, My attitude for this draft has changed several times, so did for communities vs attributes. But my current opinion can't be explained if I speak solely about this draft. There are three sets of documents that are related to detection and mitigation of mistakes/malicious activity that may happen at the interdomain routing level.
- Roles + iOTC: leak prevention, makes configuration quite easier for small-medium networks. Adopted, nearly ready for WGLC, will take years to deploy widely. - ASPA: detection of mistake/malicious activity using RPKI objects. Adopted, active work on the draft, will take years to deploy widely (RIRs a major concern). - Leak detection using community. Adopted, the draft needs significant document restructure and clarification before WGLC. The main advantage of this work and usage of communities:* it can be deployed now *(at least in networks that do support large communities). That's why I made a commitment to do my best in assisting with text. The current goal - prepare it to WGLC it before meeting in Montreal. сб, 15 июн. 2019 г. в 13:23, Nick Hilliard <[email protected]>: > Brian Dickson wrote on 15/06/2019 00:42: > > Please take a look and, if you think this is an important problem to fix > > (route leaks), add your voice here. > > there are two things here: route leaks (important), and the proposal in > draft-ietf-grow-route-leak-detection-mitigation. We can probably all > agree that route leaks are a persistent threat. > > What concerns me about this draft is that it takes an over-simplified > view of real-life networks and there's not a small amount of implied > pigeon-holing going on. The difficult with the draft is that many > networks don't fall into these neatly defined categories. There are > back-doors, partial transit configs, PNI arrangements, subnet leaks and > all sorts of weird things out there, none of which are easy to > categorise, but which nevertheless make up an important part of the > routing ecosystem. > > Characterisation of these edge cases is a difficult problem. I'm not > convinced this can be done adequately without an expressive grammar > (note: not rpsl). I'm also not convinced that the approach taken in > draft-ietf-grow-route-leak-detection-mitigation is generic enough to be > worth deploying. > > Nick > > _______________________________________________ > GROW mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/grow > -- Best regards, Alexander Azimov
_______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
