Hello Bird Team!
My name is Ralph. I'm a network engineer and C programmer for
Hurricane Electric. I am a long time fan of the Bird project!
Keep up the great work!!
Earlier this year I was tasked with implementing reactive ASPA in
our network. My code was based off your older implementation of
static ASPA tables here:
https://gitlab.nic.cz/labs/bird/-/tree/aspa
This older implementation is based off of customer-provider pairs:
typedef struct net_addr_aspa {
  u8 type;
  u8 padding;
  u16 length;
  u32 customer_asn;
  u32 provider_asn;
} net_addr_aspa;
I've attached the patch as "bird-2.15.1-aspa-asn-pairs.patch".
I took a look at 2.16 and ran into 2 problems. Respectfully, I
would like to report two issues with the ASPA code in 2.16.
Issue #1) There is no way to tell the difference between a
transit entry and an "AS0" entry.
$ cat bird-aspa.conf
aspa table at;
protocol static
{
aspa;
route aspa 12345 transit;
route aspa 970 provider 43, 56;
route aspa 43970 provider 0;
}
---
$ ./sbin/birdc
BIRD 2.16 ready.
bird> show route table at all
Table at:
43970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 43 56
12345 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
bird>
---
The treatment of AS0 providers is mentioned in section 5 of
draft-ietf-sidrops-aspa-verification-19. It is a mechanism for
people to announce that "no one should announce this AS". I've
attached a snapshot of the global ASPA table as
"bird-aspa-v2.16.conf". There is one AS0 announcement as of
today.
Issue #2) Changes in static ASPA tables are not reflected until
entries are removed and re-added.
$ cat bird-aspa.conf
aspa table at;
protocol static
{
aspa;
route aspa 12345 transit;
route aspa 970 provider 43, 56;
route aspa 43970 provider 0;
}
bird> show route table at all
Table at:
43970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 43 56
12345 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
bird>
$ cat bird-aspa.conf
aspa table at;
protocol static
{
aspa;
route aspa 12345 transit;
route aspa 970 provider 43, 56, 78;   <---- added AS78
route aspa 43970 provider 0;
}
$ ./sbin/birdc
BIRD 2.16 ready.
bird> configure
Reading configuration from /home/rpki/bird/etc/bird.conf
Reconfigured
bird> show route table at all
Table at:
43970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 43 56   <-------- changes not reflected ***
12345 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
bird>
$ cat bird-aspa.conf
aspa table at;
protocol static
{
aspa;
route aspa 12345 transit;
#route aspa 970 provider 43, 56, 78;   <----- remove entries altogether
route aspa 43970 provider 0;
}
$ ./sbin/birdc
BIRD 2.16 ready.
bird> configure
Reading configuration from /home/rpki/bird/etc/bird.conf
Reconfigured
bird> show route table at all
Table at:
43970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
12345 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
bird>
$ cat bird-aspa.conf
aspa table at;
protocol static
{
aspa;
route aspa 12345 transit;
route aspa 970 provider 43, 56, 78;   <------- add entry again
route aspa 43970 provider 0;
}
$ ./sbin/birdc
BIRD 2.16 ready.
bird> configure
Reading configuration from /home/rpki/bird/etc/bird.conf
Reconfigured
bird> show route table at all
Table at:
43970 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
970 [static1 20:17:30.142] * (200)
Type: static univ
aspa_providers: 43 56 78   <--------- changes reflected correctly
12345 [static1 19:38:32.125] * (200)
Type: static univ
aspa_providers: 0
bird>
---
This problem does not occur when the ASPA elements are
customer-provider pairs. I believe this is an overall design
issue, not a simple bug. I will be bringing this issue up with
ietf-sidrops.
Thanks!
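
An operator-side check for both reported issues, as an added example that is not part of the original message or of BIRD: it compares the active `route aspa` lines of a config with the `show route table ... all` output and flags provider sets that differ (Issue #2) and entries printed as `aspa_providers: 0` (Issue #1). The function names are hypothetical, the sample input is copied from the transcripts above, and the output format is assumed to be exactly what those transcripts show.

```python
import re

ROUTE = re.compile(r"^\s*route\s+aspa\s+(\d+)\s+(?:(transit)|provider\s+([\d,\s]+?))\s*;")
ENTRY = re.compile(r"^\s*(\d+)\s+\[")
PROVIDERS = re.compile(r"^\s*aspa_providers:((?:\s+\d+)*)\s*$")

def parse_config(text):
    """Customer ASN -> (kind, providers) for each active 'route aspa' line."""
    conf = {}
    for line in text.splitlines():
        if m := ROUTE.match(line):  # lines commented out with '#' do not match
            asns = (m.group(3) or "").replace(",", " ").split()
            conf[int(m.group(1))] = (m.group(2) or "provider", tuple(map(int, asns)))
    return conf

def parse_table(text):
    """Customer ASN -> providers as printed by 'show route table ... all'."""
    table, customer = {}, None
    for line in text.splitlines():
        if m := ENTRY.match(line):
            customer = int(m.group(1))
        elif (m := PROVIDERS.match(line)) and customer is not None:
            table[customer] = tuple(int(a) for a in m.group(1).split())
    return table

def audit(config_text, table_text):
    """List (customer, finding) pairs where the table needs a second look."""
    conf, table = parse_config(config_text), parse_table(table_text)
    findings = []
    for customer, (kind, asns) in sorted(conf.items()):
        shown = table.get(customer)
        if shown is None:
            findings.append((customer, "missing"))
        elif kind == "provider" and set(shown) != set(asns):
            findings.append((customer, "stale"))              # Issue #2
        elif shown == (0,):
            findings.append((customer, "ambiguous-" + kind))  # Issue #1
    return findings

# Sample input from the message: the edited config and the table after "configure".
CONFIG = """route aspa 12345 transit;
route aspa 970 provider 43, 56, 78;
route aspa 43970 provider 0;"""
TABLE = """43970 [static1 19:38:32.125] * (200)
    aspa_providers: 0
970 [static1 19:38:32.125] * (200)
    aspa_providers: 43 56
12345 [static1 19:38:32.125] * (200)
    aspa_providers: 0"""
if __name__ == "__main__": print(audit(CONFIG, TABLE))
```

The `ambiguous-transit` and `ambiguous-provider` findings carry the kind from the config, which is the only place the two can be told apart given the table output shown.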