Re: [Idr] draft-ymbk-sidrops-rov-no-rr

Job Snijders <job@fastly.com> Mon, 15 November 2021 19:23 UTC

Date: Mon, 15 Nov 2021 20:23:45 +0100
From: Job Snijders <job@fastly.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Cc: Randy Bush <randy@psg.com>, Interminable Discussion Room <idr@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/Sr-iAi5NXmnhNSIi9MHKQ4i-KIA>

On Mon, Nov 15, 2021 at 02:07:37PM -0500, Jeffrey Haas wrote:
> On Mon, Nov 15, 2021 at 11:00:43AM -0800, Randy Bush wrote:
> > > this little hack is merely intended to warn and to allow
> > > constrained routers which can not keep full adj-rib-in to do rov
> > > with less damage.
> > 
> > sorry.  to be clear; in this day of lotso ram and many core cpus, it
> > would seem hard to justify not keeping the full adj-rib-in.
> 
> I'm not deeply following operational practices for the use of rpki-rtr
> right now.  Is there current operational wisdom about how often you
> permit your caches to churn?
> 
> If so, perhaps a quick comment in the draft that you can minimize
> impact of these older routers by minimizing the cache churn?

An interesting suggestion.

Some RPKI RP cache implementations already default to 'once an hour'. An
internet-draft WIP [5] suggests something along the lines of "between
once an hour and every 10 minutes", however the currently published RFC
(8182) says something that suggests along the lines of (rephrased) "poll
as frequently as every minute". There are quite some RP implementations
deployed in the wild which adhere to that published RFC, and
unfortunately have not yet been updated to implementation versions which
follow the suggested RPKI fetching slow down.

This phenomenon probably needs to be tackled via both backporting some
kind of fix to 'older hardware' (either the suggested hack, or enabling
"soft-reconfig inbound always" by DEFAULT on older versions), and via
the RPKI RP cache implementations (but that now seems covered in all
current versions).

Kind regards,

Job

[1]: https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-rov-timing
[8182]: https://datatracker.ietf.org/doc/html/rfc8182