soBGP deployment
Steve Gibbard
scg at gibbard.org
Thu May 26 00:04:41 UTC 2005
On Wed, 25 May 2005, Tony Li wrote:
>> I know all the issues up there are real, since I've occasionally heard
>> about them happening. I understand the devastating consequences of
>> somebody finding a sufficiently well connected unfiltered BGP session
>> and using it to announce some important prefixes. I fully agree that it
>> should be fixed.
>>
>> And yet, in the nine or so years I've been working on network
>> infrastructure stuff, spoofed BGP announcements have never been a major
>> cause of problems for me.
>
>
> That's what we can say so far. Do you really want to wait until we have
> a major problem?

No. As I said, I understand that the results of somebody doing something
malicious here would be bad.

My point (covered in the paragraph you didn't quote) is that schemes for
requiring the authentication of routing information can also cause
problems (which could be major if they happen to the wrong prefixes). If
we make the network more able to withstand worst case scenarios without
doing damage to its ability to be stable in its everyday environment,
that's a clear win. If, on the other hand, we were to get the network
into a situation where it was harder for terrorists to push it over but it
fell over on its own with some regularity, that probably wouldn't be an
improvement.

I'm not saying don't secure BGP. I'm saying be very careful in doing so,
if you want to convince network operators to implement it.

I'll note that I'm not talking about soBGP specifically. I have read the
RFC, but I'm still not sure I understand it sufficiently to pass
judgement.

-Steve