Hi,

I have read the draft-v16 and I'd like to ask a question on sub-section 3.2: why is the description of the hijack case not a sub-sub-section? The root causes of the hijack case and the route leak case are different: prefix hijack (or path manipulation) and route leak, respectively. The commonality between the two cases is: the blast radius of an existing hijacking/leak incident will most likely be increased by excessive as-path prepending.
Best,
Nan

From: Michael McBride <[email protected]>
Sent: Tuesday, July 8, 2025 3:44 AM
To: Nick Hilliard <[email protected]>; [email protected]
Subject: [GROW] Re: I-D Action: draft-ietf-grow-as-path-prepending-15.txt

Hi Nick,

Thank you for these comments, very helpful. Sorry for the delay, the draft submission deadline helped motivate me to update the draft. Please see MM below, I've incorporated the majority of your suggestions in a new -16 which was just submitted:

From: Nick Hilliard <[email protected]>
Sent: Thursday, April 24, 2025 10:15 AM
To: [email protected]
Subject: [GROW] Re: I-D Action: draft-ietf-grow-as-path-prepending-15.txt

Hi Mike,

Of the problems in the problem section, the interaction between prepending and malicious prefix injection (effectively sections 3.2, 3.3 and 3.4) is the primary problem. I.e. when someone announces a prefix with excess as-path prepends, someone else can announce a prefix with a shorter as path, and consequently hijack the address space.

But the root problem here isn't excessive prepending: it's prefix hijacking. If someone else on the internet can announce someone else's prefix, then the hijack has already happened, and as long as the hijacked prefix is accepted by any network, then damage is already happening. The impact can be exacerbated by operator prepending, but it's any prepending, not excessive prepending.

If the ID is going to make a statement about how as path prepending, then can I suggest it identifies the root cause as being prefix hijacking, but that the blast radius of an existing hijacking incident will most likely be increased by as-path prepending? Sections 3.3 and 3.4 should be rolled into this section, as they are straightforward variations on the same theme.
MM: Agree, I rolled 3.3 and 3.4 as subheadings under the main heading of excessive prepending and added additional text to highlight the root problem nearly exactly as you've suggested: "While the root cause of the attacker problem is prefix hijacking, the blast radius of an existing hijacking incident will most likely be increased by excessive as-path prepending."

Implementation errors are out of scope for the IETF, so section 3.6 ("Errant Announcement") and the router crash statement in the security considerations section should be deleted. I'd also argue that section 3.1 falls into this category, as the premise here is that when cumulatively broken things are done to a prefix, overall breakage will happen. Is the example in 3.1 based on a real life scenario? If it were, and I were handling network A's connectivity requirements, I'd be looking at an alternative provider, or implementing different interconnection arrangements.

MM: Section 3.6 is now removed, as is the sentence with router crashes in the security section. I left 3.1 alone as I still find it useful and it is indeed based on a real scenario.

Also, it's not clear that the second sentence in section 3.5 belongs in the draft. If there's a problem with processing complexity here, then that's an implementation problem and would be out of scope for an ID.

MM: I softened the statement by saying "..is the *potential* extra complexity...". I can remove the entire section if push comes to shove but I find value in it despite it leaking (pardon the pun) into implementation.

Thanks again.
mike

Nick

[email protected] wrote on 24/04/2025 00:24:
Internet-Draft draft-ietf-grow-as-path-prepending-15.txt is now available. It is a work item of the Global Routing Operations (GROW) WG of the IETF.
Title: AS Path Prepending
Authors: Mike McBride
Doug Madory
Jeff Tantsura
Robert Raszuk
Hongwei Li
Jakob Heitz
Gyan Mishra
Name: draft-ietf-grow-as-path-prepending-15.txt
Pages: 13
Dates: 2025-04-23

Abstract:

Autonomous System (AS) path prepending is a tool to manipulate the BGP AS_PATH attribute through prepending one or more Autonomous System Numbers (ASNs). AS path prepending is used to deprioritize a route in the presence of a route with a shorter AS_PATH. By prepending a local ASN multiple times, ASes can make advertised AS paths appear artificially longer. However, excessive AS path prepending has caused routing issues in the Internet. This document provides guidance for the use of AS path prepending, including alternative solutions, in order to avoid negatively affecting the Internet.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-grow-as-path-prepending/

There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-grow-as-path-prepending-15

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-grow-as-path-prepending-15

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts

_______________________________________________
GROW mailing list -- [email protected]
To unsubscribe send an email to [email protected]
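Nick's blast-radius argument above, modelled in an added example (my own code, not from the thread or the draft): a constructed seven-AS topology in which every AS accepts both announcements and simply prefers the shorter AS_PATH, showing how many networks end up preferring the hijacker's route as the legitimate origin adds prepends. The topology, the ASNs and the "shortest AS_PATH only" selection rule are assumptions for illustration; no ROV, local-preference or other tie-breakers are modelled.

```python
from collections import deque

# Constructed topology (not from the thread): undirected AS adjacencies.
# Assumption: every AS accepts both announcements and prefers the shorter
# AS_PATH; nothing else (ROV, local-pref, other tie-breakers) is modelled.
TOPOLOGY = {
    100: [200, 300],              # AS100 is the legitimate origin
    200: [100, 400, 500],
    300: [100, 500],
    400: [200, 600],
    500: [200, 300, 600],
    600: [400, 500, 64500],
    64500: [600],                 # constructed hijacker (private ASN)
}


def path_lengths(origin, prepends=0):
    """AS_PATH length seen at every AS for a prefix originated by `origin`.

    The origin's own ASN counts once, plus `prepends` extra copies; each
    AS that re-announces the route adds one more ASN. BFS gives the
    shortest path, which is what a pure AS_PATH-length selection picks.
    """
    lengths = {origin: 1 + prepends}
    queue = deque([origin])
    while queue:
        asn = queue.popleft()
        for nbr in TOPOLOGY[asn]:
            if nbr not in lengths:
                lengths[nbr] = lengths[asn] + 1
                queue.append(nbr)
    return lengths


def blast_radius(victim, hijacker, prepends):
    """Return (hijacked, ties): ASes that strictly prefer the hijacker's
    route, and ASes where both paths tie and other tie-breakers decide."""
    legit = path_lengths(victim, prepends)
    bogus = path_lengths(hijacker)        # hijacker announces without prepends
    hijacked, ties = set(), set()
    for asn in TOPOLOGY:
        if asn in (victim, hijacker):
            continue
        if bogus[asn] < legit[asn]:
            hijacked.add(asn)
        elif bogus[asn] == legit[asn]:
            ties.add(asn)
    return hijacked, ties


if __name__ == "__main__":
    for n in range(4):
        hijacked, ties = blast_radius(100, 64500, n)
        print(f"prepends={n}: hijacked={sorted(hijacked)} ties={sorted(ties)}")
```

With zero prepends only the hijacker's direct neighbour strictly prefers the bogus route (two more ASes tie); a single prepend already turns those ties into hijacks, and three prepends give the hijacker every AS except the victim itself, which is the "any prepending, not excessive prepending" point.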