I have not, I will take a peek, thanks. Securing topology information would be a big win with link-state.
On Mon, 25 Aug 2025 at 17:43, 7ri...@gmail.com <7ri...@gmail.com> wrote: > > > Have you ever looked at soBGP or Path State Vectors. Happy to hang out > and explain if it would be helpful, but these are/were effectively BGP > security efforts that were ultimately driving to a DAG overlay. > > They failed because the community became extremely focused on securing > "BGP operation" rather than securing the base topology information. > > :-) /r > > > ------ Original Message ------ > From "Saku Ytti via NANOG" <nanog@lists.nanog.org> > To na...@immibis.com > Cc "North American Network Operators Group" <nanog@lists.nanog.org>; > "Saku Ytti" <s...@ytti.fi> > Date 8/25/2025 02:04:15 > Subject Re: Link-state EGP > > >On Mon, 25 Aug 2025 at 03:44, <na...@immibis.com> wrote: > > > >> It has to be a shortest path or at least you have to know their shortest > >> path doesn't go back through you. Perhaps AS21's shortest path to AS23 is > >> through you. In a link-state protocol you can't do shit to stop them using > >> you as transit, besides outright blocking their traffic (breaking the > >> internet) or splitting your AS in 3. > >> > >> How many times do I have to say it, maybe with big enough letters? ***A > >> LINK STATE ROUTING PROTOCOL IS A DISTRIBUTED CONSENSUS ALGORITHM. ALL > >> NODES MUST RUN THE IDENTICAL ALGORITHM ON IDENTICAL INPUT DATA OR THE > >> NETWORK BREAKS.*** > >> > >> Perhaps you've invented a new type of algorithm where that's not the > >> case. In this case I suggest ceasing to call it "link state", and writing > >> a detailed paper about it instead of vague hints. > > > >Oh I'm definitely not writing a paper. But I'm not sure a novel > >algorithm is needed (nor am I sure it is not needed). Certainly the > >graph cannot be a symmetric directed graph. That is the directions or > >arrows represent direction. You have edges which are reachable through > >you (customers) and you have edges which can be used to reach your > >customers (upstreams). > > > >So my link-state would have AS2[123] edges as reachable through me and > >AS3[123] as edges that can be used to reach those AS2[123] edges. So > >arbitrary node further down the network wouldn't use me to reach > >AS2[123] because of the direction of the arrow. > > > >> Only in a link-state protocol! Luckily, BGP is not a link-state protocol. > > > >Of course it is easy to end up with loopy BGP configurations. But then > >we change the configuration and come up with something else. > > > >-- > > ++ytti > >_______________________________________________ > >NANOG mailing list > >https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/2AFXLTXOC3EKRZNSDHRYBB53D45VR7TD/ -- ++ytti _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/VCZL4BNUJJ5JFUKGYS7ZZJYCVRKKUVFF/
