Mostly excellent thoughts, well documented. I have a question about this statement though:
> in fact, a number of global Tier-1 providers have preferred peers for decades

I assume you mean for a very limited subset of their customers? I've checked routing on well over half the transit free networks on the planet, and for the small number of customers I was researching, they definitely preferred customer routes over peering.

--
TTFN,
patrick

On Sep 4, 2011, at 6:02 AM, Randy Bush wrote:

> [ http://archive.psg.com/110904.broadside.html ]
>
> Do Not Complicate Routing Security with Voodoo Economics
> a broadside
>
> A recent NANOG presentation and SIGCOMM paper by Gill, Schapira, and
> Goldberg[1] drew a lot of 'discussion' from the floor. But that
> discussion missed significant problems with this work. I raise this
> because of fear that uncritical acceptance of this work will be used as
> the basis for others' work, or worse, misguided public policy.
>
> o The ISP economic and incentive model is overly naive to the point of
>   being misleading,
> o The security threat model is unrealistic and misguided, and
> o The simulations are questionable.
>
> Basic ISP economics are quite different from those described by the
> authors. Above the tail links to paying customers, the expenses of
> inter-provider traffic are often higher than the income, thanks to the
> telcos' race to the bottom. In this counter-intuitive world, transit
> can often be cheaper than peering. I.e. history shows that in the rare
> cases where providers have been inclined to such games, they usually
> shed traffic not stole it, the opposite of what the paper presumes. The
> paper also completely ignores the rise of the content providers as
> described so well in SIGCOMM 2010 by Labovitz et alia[2].
>
> It is not clear how to ‘fix’ the economic model, especially as [3] says
> you can not do so with rigor. Once one starts, e.g. the paper may lack
> Tier-N peering richness which is believed to be at the edges, we have
> bought into the game for which there is no clear end.
>
> But this is irrelevant, what will motivate deployment of BGP security is
> not provider traffic-shifting. BGP security is, as its name indicates,
> about security, preventing data stealing (think banking
> transactions[4]), keeping miscreants from originating address space of
> others (think YouTube incident) or as attack/spam sources, etc.
>
> The largest obstacle to deployment of BGP security is that the
> technology being deployed, RPKI-based origin validation and later
> BGPsec, are based on an X.509 certificate hierarchy, the RPKI. This
> radically changes the current inter-ISP web of trust model to one having
> ISPs' routing at the mercy of the Regional Internet Registries (RIRs).
> Will the benefits of security - no more YouTube incidents, etc. - be
> perceived as worth having one's routing at the whim of a
> non-operational administrative monopoly? Perhaps this is the real
> economic game here, and will cause a change in the relationship between
> the operators and the RIR cartel.
>
> The paper's simulations really should be shown not to rely on the
> popular but highly problematic[3] Gao-Rexford model of inter-provider
> relationships, that providers prefer customers over peers (in fact, a
> number of global Tier-1 providers have preferred peers for decades), and
> that relationships are valley free, which also has significant
> exceptions. Yet these invalid assumptions may underpin the simulation
> results.
>
> ---
>
> Randy Bush <ra...@psg.com>
> Dubrovnik, 2011.9.4
>
> [1] P. Gill, M. Schapira, and S. Goldberg, Let the Market Drive
> Deployment: A Strategy for Transitioning to BGP Security, SIGCOMM 2011,
> August 2011.
> http://conferences.sigcomm.org/sigcomm/2011/papers/sigcomm/p14.pdf
>
> [2] [1] C. Labovitz, S. Iekel-Johnson, D. McPherson, J. Oberheide, and
> F. Jahanian, “Internet inter-domain traffic,” in SIGCOMM '10:
> Proceedings of the ACM SIGCOMM 2010 conference on SIGCOMM, 2010.
>
> [3] M. Roughan, W. Willinger, O. Maennel, D. Perouli, and R. Bush, 10
> Lessons from 10 Years of Measuring and Modeling the Internet's
> Autonomous Systems, IEEE Journal on Selected Areas in Communications,
> Vol. 29, No. 9, pp. 1-12, Oct. 2011.
> https://archive.psg.com/111000.TenLessons.pdf
>
> [4] A. Pilosov, T. Kapela. Stealing The Internet An Internet-Scale Man
> In The Middle Attack, Defcon 16, August, 2008.
> http://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-pilosov-kapela.pdf