ROVER routing security - it's not enumeration

Doug Montgomery dougm.tlist at gmail.com
Wed Jun 6 18:13:41 UTC 2012


On 6/5/12 3:40 PM, Randy Bush wrote:
>>> There are number of operational models that provide the needed
>>> routing protection without enumeration.
>> I can see a use-case for something like:
>>    "Build me a prefix list from the RIR data"
> this requires a full data fetch, not doable in dns.
>
> and, at the other end of the spectrum, for any dynamic lookup on
> receiving a bgp announcement, the data had best be already in the
> router.  a full data set on an in-rack cache will go nuts on any
> significant bgp load.  beyond that, you are in non-op space.
>
> randy
>

I think we debate the superficial here, and without sufficient 
imagination.  The enumeration vs. query issue is a NOOP as far as I am 
concerned.  With a little imagination, one could envision building a 
box that takes a feed of prefixes observed, builds an aged cache of 
prefixes of interest, queries for their SRO records, re-queries for 
those records before their TTLs expire, and maintains a white list of 
"SRO valid" prefix/origin pairs that it downloads to the router.

Let's call that box an SRO validating cache.

Where do you get the feed of prefixes of interest?    From your own RIBs 
if you are only interested in white lists proportional to the routes you 
actually see,  e.g., feed the box iBGP.   From other sources (monitors, 
etc) if you would like a white list of every known prefix that anyone 
has seen.

What about a completely new prefix being turned up?   ... we could talk 
through those scenarios in each approach.

How does the cache download the white list to the router?  ... we already 
have one approach for that.  Add a bit to the protocol to distinguish 
SRO semantics from ROA semantics if necessary.

Point being, with a little imagination I think one could build 
components with either approach with similar black-box behavior.

If there are real differences in these approaches, it will be in their 
inherent trust models, the processes that maintain those trust models, 
the systems-level behavior of the info creation and distribution 
systems, and the expressiveness of their validation frameworks.

dougm
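The "SRO validating cache" sketched in the message above, as an added example that is not part of the original post or of any ROVER implementation: a small Python model of the aged prefix cache, the TTL-driven re-query, and the resulting white list. The SRO lookup is a constructed in-memory stand-in (SAMPLE_SRO), not the real DNS record format, and the negative-TTL, idle-aging and refresh-margin values are assumptions.

```python
import time
from dataclasses import dataclass

# Constructed stand-in for SRO lookups: prefix -> (authorized origin ASNs, TTL seconds).
# A real cache would resolve ROVER records in DNS; this dict only lets the example run offline.
SAMPLE_SRO = {
    "192.0.2.0/24": ({64496}, 300),
    "198.51.100.0/24": ({64497, 64498}, 60),
}

@dataclass
class CacheEntry:
    origins: set        # origins the record authorizes (empty = no record, not whitelisted)
    ttl: float          # TTL of the record when it was last fetched
    expires_at: float   # absolute time after which the record is no longer usable
    last_seen: float    # last time the feed showed this prefix (drives aging out)

class SroValidatingCache:
    def __init__(self, lookup, max_idle=3600, refresh_margin=0.2, negative_ttl=60, now=time.time):
        self.lookup = lookup                  # callable(prefix) -> (origins, ttl) or None
        self.max_idle = max_idle              # drop prefixes absent from the feed this long (assumption)
        self.refresh_margin = refresh_margin  # re-query when this fraction of the TTL is left (assumption)
        self.negative_ttl = negative_ttl      # how long to remember "no record" (assumption)
        self.now = now
        self.entries = {}
    def observe(self, prefix):
        """Feed input (e.g. from iBGP): mark the prefix as of interest, fetching it if unknown."""
        t = self.now()
        if prefix in self.entries:
            self.entries[prefix].last_seen = t
        else:
            self._fetch(prefix, t)
    def _fetch(self, prefix, t):
        result = self.lookup(prefix)
        origins, ttl = result if result is not None else (set(), self.negative_ttl)
        seen = self.entries[prefix].last_seen if prefix in self.entries else t
        self.entries[prefix] = CacheEntry(set(origins), ttl, t + ttl, seen)
    def maintain(self):
        """Periodic pass: age out idle prefixes, re-query records before their TTL runs out."""
        t = self.now()
        for prefix, e in list(self.entries.items()):
            if t - e.last_seen > self.max_idle:
                del self.entries[prefix]
            elif t >= e.expires_at - self.refresh_margin * e.ttl:
                self._fetch(prefix, t)
    def whitelist(self):
        """The 'SRO valid' (prefix, origin) pairs that would be downloaded to the router."""
        t = self.now()
        return sorted((p, o) for p, e in self.entries.items() if e.expires_at > t for o in e.origins)
```

Running `maintain()` on a timer and `observe()` on every RIB/iBGP update keeps the white list tracking only prefixes actually seen, with each record refreshed shortly before its TTL expires.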