18399050. BORDER GATEWAY PROTOCOL (BGP) FLOWSPEC ORIGINATION AUTHORIZATION USING ROUTE ORIGIN AUTHORIZATION (ROA) simplified abstract (Huawei Technologies Co., Ltd.)
Contents
- 1 BORDER GATEWAY PROTOCOL (BGP) FLOWSPEC ORIGINATION AUTHORIZATION USING ROUTE ORIGIN AUTHORIZATION (ROA)
- 1.1 Organization Name
- 1.2 Inventor(s)
- 1.3 BORDER GATEWAY PROTOCOL (BGP) FLOWSPEC ORIGINATION AUTHORIZATION USING ROUTE ORIGIN AUTHORIZATION (ROA) - A simplified explanation of the abstract
- 1.4 Simplified Explanation
- 1.5 Potential Applications
- 1.6 Problems Solved
- 1.7 Benefits
- 1.8 Potential Commercial Applications
- 1.9 Possible Prior Art
- 1.10 Unanswered Questions
- 1.11 Original Abstract Submitted
BORDER GATEWAY PROTOCOL (BGP) FLOWSPEC ORIGINATION AUTHORIZATION USING ROUTE ORIGIN AUTHORIZATION (ROA)
Organization Name
Inventor(s)
Yingzhen Qu of Addison TX (US)
Alvaro Enrique Retana of Addison TX (US)
BORDER GATEWAY PROTOCOL (BGP) FLOWSPEC ORIGINATION AUTHORIZATION USING ROUTE ORIGIN AUTHORIZATION (ROA) - A simplified explanation of the abstract
This abstract first appeared for US patent application 18399050 titled 'BORDER GATEWAY PROTOCOL (BGP) FLOWSPEC ORIGINATION AUTHORIZATION USING ROUTE ORIGIN AUTHORIZATION (ROA)
Simplified Explanation
The abstract describes a method for a network node to verify the authorization of a sending AS to issue a BGP FlowSpec. The network node checks if the sending AS is included in an out-of-band Flowspec AS authorization list for the prefix of the AS.
- The network node receives a BGP update message with a FlowSpec from a sending AS.
- The network node has an out-of-band Flowspec AS authorization list.
- The network node checks if the sending AS is authorized to issue the FlowSpec for the prefix of the AS.
- If the sending AS is not on the authorization list, the network node rejects the FlowSpec.
Potential Applications
This technology can be applied in:
- Network security systems
- Autonomous system management
Problems Solved
This technology helps in:
- Preventing unauthorized BGP FlowSpec updates
- Ensuring network stability and security
Benefits
The benefits of this technology include:
- Enhanced network security
- Improved BGP routing efficiency
Potential Commercial Applications
This technology can be used in:
- Internet service providers
- Network security companies
Possible Prior Art
One possible prior art could be the use of BGP route filtering to prevent unauthorized BGP updates.
Unanswered Questions
How does this method impact network performance?
The article does not provide information on the potential impact of this method on network performance.
Are there any potential drawbacks to implementing this method?
The article does not discuss any potential drawbacks or limitations of implementing this method.
Original Abstract Submitted
A method performed by a network node of a receiving autonomous system (AS) for verifying that a sending AS is authorized to issue a Border Gateway Protocol (BGP) flow specification (FlowSpec). The network node receives a BGP update message from a sending AS. The BGP update message includes a FlowSpec associated with a prefix of an AS. The network node obtains an out-of-band Flowspec AS authorization list indicating autonomous systems (ASes) that are authorized to issue the FlowSpec for the prefix of the AS. The network node determines whether the sending AS is included on the out-of-band Flowspec AS authorization list for the prefix of the AS. The network node rejects the FlowSpec when the sending AS is not on the out-of-band FlowSpec AS authorization list for the prefix of the AS.
