Please note that, for the specific case above, I did not mention "complicated"&
"burdensome" prefix-list filtering … just AS_PATH sanity check filtering, i.e.: if you see AS
(FOO|BAR|BAZ) in the path, drop (don't learn) the route. Also, I would note that this type of
configuration re-emphasizes what Russ White has said, specifically that (this) policy is local to each
AS and is _not_ 'shared' with any other ASN.
understood, don't disagree... and yes, Russ's point about the local
policy not being exposed publicly means ... we can't today figure this
out easily.
Unless you're willing to expose your policy publicly, or at least within
the realm of partners you expect to help you enforce it. One of the
problems with SIDR has been the constant insistence that "policy not be
exposed publicly."
I'll say it again.
1. All security is about exposing and enforcing intent.
2. You can only secure intent you know and understand. You can't expect
someone who doesn't know what you mean to do what you want, no matter
how nicely you ask.
3a. We can decide that those who want to secure anything must publicly
(or semi-publicly) declare what it is they want secured.
3b. We can decide that we "only want to secure the BGP spec," which
opens another wormhole (though if that's the wormhole you'd like to go
down, I'd be happy to transfer this work to IDR, where the experts on
that spec live).
3c. We can continue down the path of, "we can't tell anyone what we want
them to do, we just expect them to read our minds and do what we intended."
SIDR seems determined to do 3c, no matter how unwise or how unrealistic.
:-)
Russ
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
