January 14, 2020

258 words 2 mins read

BGP best path selection modifications: Various validation systems, how they work and how they should work

BGP best path selection modifications: Various validation systems, how they work and how they should work

As we look to the future of prefix validation we see two sets of useful information: Prefix set to AS validation and Path validation, however, both are somewhat ch …

Talk Title BGP best path selection modifications: Various validation systems, how they work and how they should work
Speakers Aaron Hughes (6connect)
Conference NANOG69
Conf Tag
Location Washington, D.C.
Date Feb 6 2017 - Feb 8 2017
URL Talk Page
Slides Talk Slides
Video Talk Video

As we look to the future of prefix validation we see two sets of useful information: Prefix set to AS validation and Path validation, however, both are somewhat challenging to implement. This talk proposes adding a third, far more simplified level of attesting your prefixes in BGP. Validation array v(v,v) -> v(v,v,v) With two points, we can say either PATH or ROA validation are good, but both are better. I would propose that something like, but not necessarily, POC validation via clicking a link (or something like that) could become the new bronze level. There are 3 massive benefits gained by implementing something like this. 1 - Prevents hijacking without the hassle of RPKI implementation. 2 - Makes the unknown lists of prefixes easy to identify in the BGP table. 3 - Creates a valid, known contact for all who participate in very basic attestation. There are two basic questions we need to answer as a community:

  • Do we want something like this, a low level, easy to implement validation system?
  • If so, where does it live? (RIRs, IANA, something entirely different)
comments powered by Disqus