Re: Re[2]: Link-state EGP

[Saku Ytti via NANOG <nanog () lists nanog org>]

I have not, I will take a peek, thanks.

Securing topology information would be a big win with link-state.

On Mon, 25 Aug 2025 at 17:43, 7riw77 () gmail com <7riw77 () gmail com> wrote:
> Have you ever looked at soBGP or Path State Vectors. Happy to hang out
> and explain if it would be helpful, but these are/were effectively BGP
> security efforts that were ultimately driving to a DAG overlay.
>
> They failed because the community became extremely focused on securing
> "BGP operation" rather than securing the base topology information.
>
> :-) /r
>
>
> ------ Original Message ------
> From "Saku Ytti via NANOG" <nanog () lists nanog org>
> To nanog () immibis com
> Cc "North American Network Operators Group" <nanog () lists nanog org>;
> "Saku Ytti" <saku () ytti fi>
> Date 8/25/2025 02:04:15
> Subject Re: Link-state EGP
>
> > On Mon, 25 Aug 2025 at 03:44, <nanog () immibis com> wrote:
> >
> > >  It has to be a shortest path or at least you have to know their shortest path doesn't go back through you. 
> > > Perhaps AS21's shortest path to AS23 is through you. In a link-state protocol you can't do shit to stop them using 
> > > you as transit, besides outright blocking their traffic (breaking the internet) or splitting your AS in 3.
> > >
> > >  How many times do I have to say it, maybe with big enough letters? ***A LINK STATE ROUTING PROTOCOL IS A 
> > > DISTRIBUTED CONSENSUS ALGORITHM. ALL NODES MUST RUN THE IDENTICAL ALGORITHM ON IDENTICAL INPUT DATA OR THE NETWORK 
> > > BREAKS.***
> > >
> > >  Perhaps you've invented a new type of algorithm where that's not the case. In this case I suggest ceasing to call 
> > > it "link state", and writing a detailed paper about it instead of vague hints.
> >
> > Oh I'm definitely not writing a paper. But I'm not sure a novel
> > algorithm is needed (nor am I sure it is not needed). Certainly the
> > graph cannot be a symmetric directed graph. That is the directions or
> > arrows represent direction. You have edges which are reachable through
> > you (customers) and you have edges which can be used to reach your
> > customers (upstreams).
> >
> > So my link-state would have AS2[123] edges as reachable through me and
> > AS3[123] as edges that can be used to reach those AS2[123] edges. So
> > arbitrary node further down the network wouldn't use me to reach
> > AS2[123] because of the direction of the arrow.
> >
> > >  Only in a link-state protocol! Luckily, BGP is not a link-state protocol.
> >
> > Of course it is easy to end up with loopy BGP configurations. But then
> > we change the configuration and come up with something else.
> >
> > --
> >   ++ytti
> > _______________________________________________
> > NANOG mailing list
> > https://lists.nanog.org/archives/list/nanog () lists nanog org/message/2AFXLTXOC3EKRZNSDHRYBB53D45VR7TD/



-- 
  ++ytti
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/VCZL4BNUJJ5JFUKGYS7ZZJYCVRKKUVFF/