Randy Bush wrote:
i think we're ratholing here. can you tell us in simple words
Indeed. Therefore, we are working on a document that will provide a
detailed explanation of our methods, why we believe they are useful, and
why we believe they are safe.
Once it is ready we will post a link to this
I think this nicely summarizes it. If you answer these questions,
most people will be happy,
Henk
At 02:19 04/03/2005, Randy Bush wrote:
lorenzo,
i think we're ratholing here. can you tell us in simple words
o what you are trying to learn with your experiment and why
it will help us unders
lorenzo,
i think we're ratholing here. can you tell us in simple words
o what you are trying to learn with your experiment and why
it will help us understand or better manage our networks
(thanks rodney)
o why the way you are doing it is safe and will not affect
the packets we'
James [mailto:[EMAIL PROTECTED] wrote:
>They are not playing with the core. The result of what they are
>doing is dependent on specific topology and level of direction
>they are throwing prefixes at.
>While I will not dispute your statement, I believe that every
>ASN should be responsible of t
> >>So, given these considerations, is everyone announcing an AS-set
> >>announcing "routes that falsely claim to have passed through another
> >>autonymous system"?
> >
> > Yes. From RFC1771:
> Ok, so if everyone announcing an AS-set is announcing "routes that
> falsely claim to have passed
> The RFC also says:
>
> > An AS_SET implies that the destinations listed in the NLRI can be
> > reached through paths that traverse at least some of the
> > constituent autonomous systems.
>
> which is exactly what we are doing.
Yes, you can cite sections of the RFC th
* [EMAIL PROTECTED] (Lorenzo Colitti) [Fri 04 Mar 2005, 02:09 CET]:
> As far as the RFC is concerned, the AS-set is part of the AS-path. See
> Section 4.3, which says the AS-path is "a well-known mandatory attribute
> that is composed of a sequence of AS path segments. Each AS path segment
> is
On Thu, Mar 03, 2005 at 07:40:53PM -0500, Matthew Crocker wrote:
[ snip ]
>
> Oh, I don't know, increasing the size of an already bloated global
> routing table;
>possibly crashing routers which are already starving
> for FIB RAM?
Probably not FIB, may be the BGP RIB for the most people t
Niels Bakker wrote:
Every piece of BGP documentation I have ever seen says that this
attribute documents the ASes that the route has actually passed
through.
I think the above paragraph of RFC 1771 disagrees with you.
Please quote properly; the context was AS_path, not AS_set.
David Schwartz was r
David Schwartz wrote:
They are experimental in that yes, we are experimenting with a new
technique for topology discovery which to our knowledge has not been
proposed before.
So you do not know what affect your announcements will have.
We don't know the effectiveness of the technique. That depends
On Mar 3, 2005, at 7:22 PM, James wrote:
You certainly need their permission before you can advertise routes
that
falsely came to have passed through their network!
What kind of specific _technical_ issue do I create by prepending
another ASN
on AS_PATHs I advertise, without such "owner"'s perm
On Thu, Mar 03, 2005 at 02:28:43PM -0800, David Schwartz wrote:
[ snip ]
>
> Every piece of BGP documentation I have ever seen says that this
> attribute
> documents the ASes that the route has actually passed through.
>
> > Do I need to get permission from Sprint before I include 1239:
> David Schwartz wrote:
> >>Prepending announcements with remote AS numbers has been a well-known
> >>technique for preventing prefixes from propagating to particular ASes
> >>for a long time.
> > And therefore such use would not be considered
> > experimental. We are talking
> > about experimen
* [EMAIL PROTECTED] (Lorenzo Colitti) [Fri 04 Mar 2005, 00:09 CET]:
> David Schwartz wrote:
>> Every piece of BGP documentation I have ever seen says that this
>> attribute documents the ASes that the route has actually passed
>> through.
> I think the above paragraph of RFC 1771 disagrees with y
David Schwartz wrote:
Prepending announcements with remote AS numbers has been a well-known
technique for preventing prefixes from propagating to particular ASes
for a long time.
And therefore such use would not be considered experimental. We are
talking
about experimenting with routes that fa
James A. T. Rice wrote:
You appear to be trying to take advantage of a side effect of this
behaviour, in order to see what other ASn transitive adjacancies are
available that would not normally be used, by inserting the ASns of
transit AS's that would normally be used, into the as path you are
> On 2 Mar 2005, at 22:30, David Schwartz wrote:
>
> > Please just clarify the following point: do you intend to advertise
> > paths
> > containing AS numbers belonging to other entities on the public
> > Internet
> > without the permission of the owners of those AS numbers? You admit
> > tha
On Thu, 2005-03-03 at 13:51 -0500, Blaine Christian wrote:
>And, of course, the RPSEC working group draft that is supposed to target the
>BGP requirements for those proposed systems is...
>
>http://www.ietf.org/internet-drafts/draft-ietf-rpsec-bgpsecrec-01.txt
>
>The folks who worked on S-BGP and
> I am probably telling you what you already know, but for the ones who
> don't know it yet:
>
> Secure BGP (S-BGP):
> http://www.ir.bbn.com/projects/s-bgp/
> http://www.nanog.org/mtg-0306/pdf/bellovinsbgp.pdf
> http://www.nwfusion.com/details/6484.html?def
>
> and of course the sister by among
On 2 Mar 2005, at 22:30, David Schwartz wrote:
Please just clarify the following point: do you intend to
advertise paths
containing AS numbers belonging to other entities on the public Internet
without the permission of the owners of those AS numbers? You admit that you
don't know what the conse
On Thu, 2005-03-03 at 20:27 +1100, Geoff Huston wrote:
>>On 2005-03-02, at 19.38, James A. T. Rice wrote:
>>
>> > This seems to suggest that you are just picking ASns at random to
>> > inject into the paths, and that you don't have a set of ASs which you
>> > have the assignees permission to use.
>
On 2 Mar 2005, at 22:30, David Schwartz wrote:
Please just clarify the following point: do you intend to advertise
paths
containing AS numbers belonging to other entities on the public
Internet
without the permission of the owners of those AS numbers? You admit
that you
don't know what the con
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2005-03-03, at 10.27, Geoff Huston wrote:
>
>> On 2005-03-02, at 19.38, James A. T. Rice wrote:
>>
>> > This seems to suggest that you are just picking ASns at random to
>> > inject into the paths, and that you don't have a set of ASs which
>> y
> Ok, I realize I might have given the wrong impression here. Sorry.
>
> So here's what we are doing: by artificially inserting ASes into the
> AS-set of an announcement, the ISP that makes the announcement can
> control where the announcement is propagated and thus discover paths
> followed by i
James A. T. Rice wrote:
So, the ASn's are not picked at random, yet mine might be included if I
don't specifically ask for them not to be included, yet you decline to
tell how my ASn might have been selected for this.
Ok, I realize I might have given the wrong impression here. Sorry.
So here's wh
James A. T. Rice wrote:
This seems to suggest that you are just picking ASns at random to inject
into the paths, and that you don't have a set of ASs which you have the
assignees permission to use.
In which case please keep AS8330, AS8550, and AS8943 out of your
experiments too.
Using not yet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2005-03-02, at 19.38, James A. T. Rice wrote:
> This seems to suggest that you are just picking ASns at random to
> inject into the paths, and that you don't have a set of ASs which you
> have the assignees permission to use.
Would't this then
Gert Doering wrote:
2005-03-04:
14:00 UTC: 10-element AS-set
14:30 UTC: withdrawal
16:00 UTC: 25-element AS-set
16:30 UTC: withdrawal
Please do not announce AS-sets that contain 5539. We are not part of
your experiment, and we don't want to see our AS appear in othe
On Wed, 2 Mar 2005, Christopher L. Morrow wrote:
>
> On Wed, 2 Mar 2005, Hank Nussbacher wrote:
>
> >
> > At 02:49 AM 02-03-05 +0100, Daniel Roesen wrote:
> > >On Wed, Mar 02, 2005 at 01:27:31AM +, James A. T. Rice wrote:
> > > > What exactly are you attempting to do here? Those announcements
On Wed, 2 Mar 2005, Hank Nussbacher wrote:
>
> At 02:49 AM 02-03-05 +0100, Daniel Roesen wrote:
> >On Wed, Mar 02, 2005 at 01:27:31AM +, James A. T. Rice wrote:
> > > What exactly are you attempting to do here? Those announcements will get
> > > dropped on the floor at least in this AS right
At 02:49 AM 02-03-05 +0100, Daniel Roesen wrote:
On Wed, Mar 02, 2005 at 01:27:31AM +, James A. T. Rice wrote:
> What exactly are you attempting to do here? Those announcements will get
> dropped on the floor at least in this AS right away:
>
> route-map peers-in deny 5
> match as-path 109
AS-
On Wed, Mar 02, 2005 at 01:27:31AM +, James A. T. Rice wrote:
> What exactly are you attempting to do here? Those announcements will get
> dropped on the floor at least in this AS right away:
>
> route-map peers-in deny 5
> match as-path 109
AS-Sets, not AS-Paths...
Regards,
Daniel
--
Hi,
as announced to the RIPE routing working group mailing list [1] and
elsewhere, over the next few days the Computer Networks research group
at Roma Tre University, in collaboration with the RIPE NCC RIS project,
will be performing experiments involving announcements with large
AS-sets in the
33 matches
Mail list logo