A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Avoiding un-trusted AS thru inter-AS TE-LSPs constructed using Clipping Author(s) : Shankar Raman Balaji Venkat Venkataswami Gaurav Raina Bhargav Bhikkaji Filename : draft-balaji-mpls-inter-as-policy-based-te-sec-00.txt Pages : 11 Date : 2012-08-01 Abstract: For a short time sometime in the recent past , internet traffic sent between a well known site and subscribers to an internet service provider A passed through hardware belonging to a Telecom provider B other than the ISP A to which the customers were attached before reaching its final destination. Telecom Provider B was found to be many AS hops away from the well known site and ISP A. It was assumed that this was an an innocent routing error (which is the most likely explanation for the highly circuitous route that the traffic was taking), but it was troubling nonetheless. During a window that lasted 30 minutes to an hour, all unencrypted traffic passing between the victimised ISP's customers and the well known site might have been open to monitoring. Though there was no evidence any data was in fact snarfed, but it was felt that the potential for that is certainly there because the hardware belonged to the untrusted Telecom provider B. Many such incidents have occurred in the past where the traffic has been diverted through such providers that either erroneously have let loose BGP routes or otherwise. At least one of those incidents was the result of erroneous BGP, or Border Gateway Protocol, routes that were quickly corrected. The above is a hypothetical headline that might occur in the near future if the BGP protocol is subject to such circuitous routing attacks either by mis-configuration or through purposeful intent. This is primarily owing to the fact that the BGP protocol accepts updates from providers and there exists no mechanism to figure out whether the updates for prefixes received was due to mal-intent, mis-configuration or indeed correct configuration. So there is a big blind spot that will have to be rectified. Doing the rectification through BGP would only complicate matters more. The proposal in the scheme in this draft, warrants the use of MPLS- based inter-AS Traffic Engineered Label Switched Paths that are constructed out of a derived inter-AS topology that help to impose policy decisions that for eg, obviate or prevent such LSPs from actually going through certain specific AS or set of ASes. Using methods like Graph construction from AS-PATH-INFO data and methods like policy based clipping of edges and nodes from such a inter-AS topology, the solution is made simple. The use of PCE (Path Computation Elements) is advised to compute such inter-AS paths that avoid ASes. Regular routing would have followed BGP updates and regular IP based forwarding. Using the TE-LSPs we can in fact set out the explicit route from AS to AS from the head-end to the tail-end avoiding specific set of ASes which dictated by policy have to be avoided. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-balaji-mpls-inter-as-policy-based-te-sec There's also a htmlized version available at: http://tools.ietf.org/html/draft-balaji-mpls-inter-as-policy-based-te-sec-00 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt