Do Not Complicate Routing Security with Voodoo Economics

Michael Schapira ms7 at CS.Princeton.EDU
Sun Sep 4 23:04:35 CDT 2011


On Sun, Sep 4, 2011 at 5:39 PM Neil J. McRae neil at domino.org wrote:

> ... one could almost argue the opposite also or make the same case about nearly any feature in a transit product! If i stop offering
> community based filtering- I'd probably see revenue decline!
 
> Yes some features in a product set drive revenue - thats all you are really saying which is fine but we have alot of features people want in
> the network and what would be a more useful paper would be why this one might drive more revenue growth than the others that are all fighting
> development prioritisation - - - which isnt clear to me in your paper."



One crucial way in which S*BGP differs from other features is that ASes which deploy S*BGP *must* use their ability to validate paths to inform route selection (otherwise, adding security to BGP makes no sense). Therefore, S*BGP is bound to affect how traffic flows on the Internet. Our work is about harnessing this observation to drive S*BGP deployment.
 
We consider the case that security plays a very small role in the BGP decision process and, in particular, that security considerations come *after* the Local-Pref and AS-PATH length steps in the BGP decision process. We give evidence that even in this case a small set of early adopters is sufficient to transition a large fraction of the Internet to S*BGP.
 
 

 




More information about the NANOG mailing list