In other words, instead of a single bit flag per signature, a one-byte type code taken from the AS_PATH segment type space? I like it! This would come closer to clearing concerns about being able to represent the structure of an AS_PATH in bgpsec. (Representing the semantics is another kettle of fish, see discussions of sets.)
The only hitch with this approach in representing AS_PATH semantics is that it doesn't capture segment boundaries. These are not important between AS_{CONFED}_SEQUENCE segments, but they are meaningful between AS_{CONFED}_SETs. If you want to go for 100% fidelity, it would also be necessary to be able to represent the boundaries between segments. (Granted we have decided that sets are not applicable in the bgpsec world. Nonetheless I offer it as a demonstration that segment boundaries can be meaningful in an AS_PATH.)

--John

On Aug 6, 2012, at 8:15 AM, Murphy, Sandra wrote:

> Speaking as a regular ol' member
>
> This also matches a thought that I just sat down to write up.
>
> Record the usual AS_PATH type in the signature attribute, meaning that the
> internally added AS_PATH elements get marked as AS_CONFED_SEQ and get
> stripped as such at the confed border, just as for current regular BGP.
>
> This is isomorphic to adding the confed marker on every internal peering, but
> simply reuses existing confed semantics. (Rather than "more faithfully
> mimics" :-) ) See also "reduce it to a problem that has already been
> solved."
>
> I found the use of pcount=0 as part of the protocol behavior to be a pity, so
> a way of getting around that is attractive.
>
> --Sandy
> ________________________________________
> From: sidr-boun...@ietf.org [sidr-boun...@ietf.org] on behalf of John G. Scudder [j...@juniper.net]
> Sent: Friday, August 03, 2012 3:27 PM
> To: John G. Scudder
> Cc: Sriram, Kotikalapudi; sidr wg list
> Subject: Re: [sidr] bgpsec confeds bug, with fix
>
> On Aug 3, 2012, at 2:12 PM, "John G. Scudder" <j...@juniper.net> wrote:
>
>> One other option does occur to me however, and I'm not sure why I didn't
>> think of it before: for *every* crossing of a confederation member border,
>> set the flag, so it has the semantics of "this is a confederation hop"
>> rather than the current "entering a confederation" semantics. Then on exit,
>> strip all contiguous flagged hops.
>
> P. S. I prefer this to either of the other two suggestions I sent. It's less
> hacky than the pcount=0 option and more faithfully mimics the semantics of
> AS_CONFED_SEQ.
>
> --John
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr
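
Added example, not part of the original thread or of any bgpsec draft: a Python model of the per-hop type code discussed above, showing that flattening an AS_PATH to one type code per hop loses nothing between sequence segments but merges adjacent sets, and how confed-typed hops are stripped on exit. The function names, the most-recent-hop-first ordering and the sample AS numbers are assumptions made for illustration.

```python
# Added illustration; names and sample ASNs are constructed, not from the thread.
# AS_PATH segment type codes (RFC 4271, RFC 5065).
AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET = 1, 2, 3, 4
CONFED_TYPES = {AS_CONFED_SEQUENCE, AS_CONFED_SET}

def flatten(as_path):
    """[(seg_type, [asn, ...]), ...] -> [(type_code, asn), ...], one entry per hop."""
    return [(seg_type, asn) for seg_type, asns in as_path for asn in asns]

def regroup(hops):
    """Best-effort inverse of flatten(): merge runs of equal type code."""
    segments = []
    for type_code, asn in hops:
        if segments and segments[-1][0] == type_code:
            segments[-1][1].append(asn)
        else:
            segments.append((type_code, [asn]))
    return segments

def path_length(as_path):
    """Path length for route selection: an AS_SET counts 1, confed segments 0."""
    total = 0
    for seg_type, asns in as_path:
        if seg_type == AS_SEQUENCE:
            total += len(asns)
        elif seg_type == AS_SET:
            total += 1
    return total

def strip_confed(hops):
    """At the confederation exit, drop the leading run of confed-typed hops.
    Assumes AS_PATH ordering: most recently added hop first."""
    i = 0
    while i < len(hops) and hops[i][0] in CONFED_TYPES:
        i += 1
    return hops[i:]

if __name__ == "__main__":
    two_sets = [(AS_SET, [64501, 64502]), (AS_SET, [64503])]
    one_set = [(AS_SET, [64501, 64502, 64503])]
    print(flatten(two_sets) == flatten(one_set))        # identical per-hop encoding
    print(path_length(two_sets), path_length(one_set))  # yet the paths differ
    inside = [(AS_CONFED_SEQUENCE, [65102, 65101]), (AS_SEQUENCE, [64500, 64496])]
    print(regroup(strip_confed(flatten(inside))))
```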