Dimitrios Mavrommatis | f0c0632 | 2017-10-31 23:49:04 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2017-present Open Networking Foundation |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package org.onosproject.artemis; |
| 18 | |
| 19 | /** |
| 20 | * Interface for Deaggregator Service of Artemis. |
| 21 | * |
| 22 | * When a prefix hijacking is detected, ARTEMIS automatically launches its mitigation service (deaggregator). |
| 23 | * Since in Internet routing the most specific prefix is always preferred, ARTEMIS modifies the BGP configuration of |
| 24 | * the routers so that they announce deaggregated sub-prefixes of the hijacked prefix (that are most preferred from any |
| 25 | * AS). After BGP converges, the hijacking attack is mitigated and traffic flows normally back to the ARTEMIS-protected |
| 26 | * AS (the one that runs ARTEMIS). Therefore, ARTEMIS assumes write permissions to the routers of the network, in order |
| 27 | * to be able to modify their BGP configuration and mitigate the attack. The purpose of this service is to receive all |
| 28 | * hijack events from the detector service and proceed on writing all the new prefixes to be announced by the BGP |
| 29 | * Speakers. |
| 30 | */ |
| 31 | public interface ArtemisDeaggregator { |
| 32 | //TODO: give the ability of other services to announce prefixes to BGP Speakers through this interface |
| 33 | } |