[144196] in North American Network Operators' Group
Re: Do Not Complicate Routing Security with Voodoo Economics
daemon@ATHENA.MIT.EDU (Michael Schapira)
Mon Sep 5 00:05:20 2011
Date: Mon, 05 Sep 2011 00:04:35 -0400 (EDT)
From: Michael Schapira <ms7@CS.Princeton.EDU>
To: "Neil J. McRae" <neil@domino.org>
In-Reply-To: <1be2e3ab-f433-405f-9216-e958d4160b58@suckerpunch-mbx-0.CS.Princeton.EDU>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Sep 4, 2011 at 5:39 PM Neil J. McRae neil@domino.org wrote:
> ... one could almost argue the opposite also or make the same case about nearly any feature in a transit product! If i stop offering
> community based filtering- I'd probably see revenue decline!
> Yes some features in a product set drive revenue - thats all you are really saying which is fine but we have alot of features people want in
> the network and what would be a more useful paper would be why this one might drive more revenue growth than the others that are all fighting
> development prioritisation - - - which isnt clear to me in your paper."
One crucial way in which S*BGP differs from other features is that ASes which deploy S*BGP *must* use their ability to validate paths to inform route selection (otherwise, adding security to BGP makes no sense). Therefore, S*BGP is bound to affect how traffic flows on the Internet. Our work is about harnessing this observation to drive S*BGP deployment.
We consider the case that security plays a very small role in the BGP decision process and, in particular, that security considerations come *after* the Local-Pref and AS-PATH length steps in the BGP decision process. We give evidence that even in this case a small set of early adopters is sufficient to transition a large fraction of the Internet to S*BGP.
