On Wed, Mar 28, 2012 at 10:56:52AM -0400, Jakob Heitz wrote: > The issue is SIDR can not aggregate multiple paths. > > Solutions I can think of: > 1. Aggregate the signatures of the paths being aggregated.
What are the semantics you're trying to preserve SIDR-wise? We're hitting the realm where Russ White would point out that BGP path validation can't prove how forwarding works. Presume we managed to pass along two distinct paths for the same multi-path route in BGP. What do you do if one doesn't validate? What do you do if they do, but you think this is a form of a "route leak" for one path? As a receiver of the route that is making use of multipath, you can't selectively choose which sub-paths to take. (It's not like we're gettng something like MPLS entropy labels.) > 2. Don't aggregate, but send both paths. That doesn't cover the actual forwarding semantics. > Should SIDR work on path aggregation? > Are there other possibilities? The biggest problem here is "SIDR secures BGP". The issue hasn't been clear in BGP for years, although I'm perhaps of the cynical opinion that it's been a well understood problem space for a while now. The protocol doesn't reflect what is done operationally. The safe thing operationally when aggregating unsafe paths is to generate sets, but some people have never liked sets. And as I mentioned elsewhere, it doesn't matter as long as you take care in where you redistribute such unsafe multipath. There was a reason I wasn't terribly supportive of the deprecating AS_SETs I-D. However, I also knew it was a losing battle. :-) -- Jeff _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
