soBGP deployment

• Previous message (by thread): soBGP deployment
• Next message (by thread): soBGP deployment
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 25 May 2005, Tony Li wrote:

>> I know all the issues up there are real, since I've occasionally heard
>> about them happening.  I understand the devastating consequences of
>> somebody finding a sufficiently well connected unfiltered BGP session
>> and using it to announce some important prefixes.  I fully agree that it
>> should be fixed.
>>
>> And yet, in the nine or so years I've been working on network
>> infrastructure stuff, spoofed BGP announcements have never been a major
>> cause of problems for me.
>
>
> That's what we can say so far.  Do you really want to wait until we have
> a major problem?

No.  As I said, I understand that the results of somebody doing something 
malicious here would be bad.

My point (covered in the paragraph you didn't quote) is that schemes for 
requiring the authentication of routing information can also cause 
problems (which could be major if they happen to the wrong prefixes).  If 
we make the network more able to withstand worst case scenarios without 
doing damage to its ability to be stable in its every day environment, 
that's a clear win.  If, on the other hand, we were to get the network 
into a situation where it was harder for terrorists to push it over but it 
fell over on its own with some regularity, that probably wouldn't be an 
improvement.

I'm not saying don't secure BGP.  I'm saying be very careful in doing so, 
if you want to convince network operators to implement it.

I'll note that I'm not talking about soBGP specifically.  I have read the 
RFC, but I'm still not sure I understand it sufficiently to pass 
judgement.

-Steve

• Previous message (by thread): soBGP deployment
• Next message (by thread): soBGP deployment
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]