I do have one question about this draft. In looking at all of the requirements
for BGPSec, are AS migration scenarios in- or out-of-scope for BGPSec? IOW,
when one SP (AS A) buys/merges with another SP (AS B) what typically happens is
they will consolidate to a single ASN, e.g.: either AS A or AS B. The primary
goal is to (try to) do that rapidly _without_ requiring /any/ coordination and
as little disruption as possible across a very large set of the SP's customers.
As such, several years ago [several] vendors have implemented features that
satisfy this requirement:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t11/feature/guide/gtbgpdas.html
http://www.juniper.net/techpubs/en_US/junos11.3/topics/reference/configuration-statement/local-as-edit-protocols-bgp.html
There are several permutations of the aforementioned feature; however, the
overall goal of these features is to NOT alter the AS_PATH length, either on
receipt or transmission of the AS_PATH (during the length of time of the
migration), since AS_PATH length plays a crucial role in BGP's path selection
algorithm and, ultimately, the amount of traffic sent or received to that SP.
I am unaware of any draft or RFC within the IETF that one could refer to with
more detail on the above features, but I may be misinformed. However, I will
state (emphatically) that these features are currently being used now and will
continue to be used in the future.
If ASN migrations are not going to be accounted for in BGPSEC, then would it be
prudent to explicitly say so in Req #3.4 wrt "operational considerations for
deployment" in the "e.g." part:
---snip---
3.4 A BGPsec design MUST provide analysis of the operational
considerations for deployment and particularly of incremental
deployment, e.g, contiguous islands, non-contiguous islands,
universal deployment, etc..
---snip---
Thanks,
-shane
On Oct 28, 2011, at 12:40 PM, Christopher Morrow wrote:
> Seems that the authors, at least, expect this doc to be prepared for
> WGLC, could we do that concluding 11/11/11 please?
>
> Draft link: <http://tools.ietf.org/wg/sidr/draft-ietf-sidr-bgpsec-reqs/>
> 01 link: <http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-reqs>
> diff link:
> <http://tools.ietf.org/wg/sidr/draft-ietf-sidr-bgpsec-reqs/draft-ietf-sidr-bgpsec-reqs-01-from-00.diff.html>
>
> Abstract:
> "This document describes requirements for a future BGP security
> protocol design to provide cryptographic assurance that the origin AS
> had the right to announce the prefix and to provide assurance of the
> AS Path of the announcement."
>
> Thanks!
> -Chris
> <wg-co-chair-haircut == completed>
> _______________________________________________
> sidr mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/sidr
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
