Re: [RRG] getting rid of longest match

[sandy@tislabs.com (Sandy Murphy)]

On Mon, 25 Feb 2008, Danny McPherson wrote:

> The problem here is simply that of a reliable authenticated
> authoritative data source for who owns what - AND operators
> employing that to define routing policies.

And on Tue, 26 Feb 2008, Jason Schiller wrote:

>Most large ISPs are fairly good about maintaining ALC/Prefix-lists that
>only allow their customers to advertise routes for space that is correctly
>swipped to them. ...
>...
>On Peering links the list is too large and changes too often, and usually
>includes down stream customer ASes, and their customers and so on...

The sidr wg is working on just such a "data source" that will provides
a strong assurance of who holds what prefixes, and therefore who is
the person to authorize origination of what prefixes.

That gives you a bit more assurance that swip for knowing what prefixes
the customer legitimately holds.  And it provides for that "and their
customer" problem, that I'm not sure gets addequately captured in
swip (does rwhois generally keep up with this as well?).

At peering points, the sidr work doesn't give you the ability to
tell if the whole AS_PATH is correct, but it would let you tell if
the peer was letting through an inappropriate origination.  And the
list could be automatically generated from the "data source" as often
as you like.  So you'd have a way to check the down stream customer ASes
and their customers and so on.

It would be really good if you thought this would be useful if you
could comment on the sidr work.

--Sandy

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg