North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: [Sidr] Re: S-BGP and IP prefix aggregation
Advertising an aggregate that is not specifically assigned to you is known as "proxy aggregation".
William has given a good description of what's required above, but it needs a further enhancement
in that proxy aggregation will frequently need to happen in several locations for the aggregate to
have any true impact on routing. In graph theoretic terms, proxy aggregation must form a
"cut set" topologically around the longer prefixes to contain them and prevent them from being
distributed throughout the network.
Thus, any security mechanism needs to provide some means for indicating that
an entire set of ASes may legitimately be advertising a proxy aggregate prefix. How one
determines the appropriate set of ASes that are authorized is another interesting administrative
issue that needs to be resolved.