BCP38 For BGP Customers

Jared Mauch jared at puck.nether.net
Thu Nov 10 23:13:50 UTC 2022


On Thu, Nov 10, 2022 at 10:27:02AM -0800, William Herrin wrote:
> On Thu, Nov 10, 2022 at 10:08 AM Grant Taylor via NANOG <nanog at nanog.org> wrote:
> > I wonder if Feasible Path uRPF or Enhanced Feasible Path uRPF might help
> > the situation.  However I suspect they both suffer from the FIB != RIB
> > problem and associated signaling.
> 
> Hi Grant,
> 
> That's a fairly good way to think about it. BGP knows -a- path and
> sometimes it knows more than one but it simply doesn't have signal on
> the totality of feasible paths for a particular IP address. No
> distance-vector protocol can.

	There's more than this going on as well, because there's a
number of other things going on, the IETF has created a SAVNET working
group to see if it's possible to do something here, and there's also
work in the SIDROPS WG that isn't yet adopted but may be.

	The intent would be to include things like the ASPA work with
the SIDR/RPKI work to permit a proof to exist for SAV purposes.  This
may not include all the p2p IP space that would exist between the
networks, and if one doesn't publish ASPA data for things like all those
cloud on-ramp type services, you may end up with traffic blackholed or
other side-effects.

	Simply put, SAV/BCP-38 et al is hard, and nearly impossible when
you get much further away from the subnet that traffic originates from.

	- Jared

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.


More information about the NANOG mailing list