IETF Logo Mail Archive

Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)

Jakob Heitz <jakob.heitz@ericsson.com> Fri, 09 September 2011 16:31 UTC

Return-Path: <jakob.heitz@ericsson.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4970F21F8505 for <sidr@ietfa.amsl.com>; Fri, 9 Sep 2011 09:31:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.165
X-Spam-Level:
X-Spam-Status: No, score=-6.165 tagged_above=-999 required=5 tests=[AWL=0.434, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wycGAEkt6c4q for <sidr@ietfa.amsl.com>; Fri, 9 Sep 2011 09:31:31 -0700 (PDT)
Received: from imr4.ericy.com (imr4.ericy.com [198.24.6.9]) by ietfa.amsl.com (Postfix) with ESMTP id 9F9D921F84FC for <sidr@ietf.org>; Fri, 9 Sep 2011 09:31:31 -0700 (PDT)
Received: from eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) by imr4.ericy.com (8.14.3/8.14.3/Debian-9.1ubuntu1) with ESMTP id p89GXLxf006872; Fri, 9 Sep 2011 11:33:26 -0500
Received: from EUSAACMS0701.eamcs.ericsson.se ([169.254.1.158]) by eusaamw0706.eamcs.ericsson.se ([147.117.20.31]) with mapi; Fri, 9 Sep 2011 12:33:17 -0400
From: Jakob Heitz <jakob.heitz@ericsson.com>
To: Russ White <russw@riw.us>
Date: Fri, 09 Sep 2011 12:33:17 -0400
Thread-Topic: [sidr] BGPSec scaling (was RE: beacons and bgpsec)
Thread-Index: AcxvDizUOZXk9cmhQIiOSh/2vtb9qg==
Message-ID: <2FC7C45F-D9A3-4418-A4FE-4C2AEB07711C@ericsson.com>
References: <A37CADA4-F16D-4C01-8D9C-D01001C4EFE4@tcb.net> <21C19DA8-7BF3-4832-8C13-C9A45FE026FB@algebras.org> <87D9E106-2A37-4E1E-8C69-7084C199A3FE@tcb.net> <331AEFBD-6AE5-469E-A11E-E672DC61DCDC@pobox.com> <B92913D1-AB82-4D9F-B8A9-F8F4F99713D6@tcb.net> <p06240803ca685bff5443@[128.89.89.43]> <D6D12861-412E-4A65-B626-B627449981B8@tcb.net> <34E4F50CAFA10349A41E0756550084FB0C2ED5A4@PRVPEXVS04.corp.twcable.com> <7B321CF0-ABE6-4FCD-B755-8099BB63399A@rob.sh> <5E9BE75F-C0A6-4B48-B15F-7E0B80EFE981@ericsson.com> <m2ipp4qxs5.wl%randy@psg.com> <34E4F50CAFA10349A41E0756550084FB0E0D5BDC@PRVPEXVS04.corp.twcable.com> <D4059E53-6EEC-4F66-9E1E-B96675182F22@rob.sh> <m2wrdhvjpe.wl%randy@psg.com> <4E6A2CD0.1010305@riw.us> <m2pqj9vgc8.wl%randy@psg.com> <4E6A3D30.9030605@riw.us>
In-Reply-To: <4E6A3D30.9030605@riw.us>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Sep 2011 16:31:32 -0000

By doing "converge first verify later", the router can be made cheaper.

However, there is still the cost of the RPKI and the cost of running/maintaining it.
My guess is that will bury the cost of the routers.
Just a guess, Randy.

--
Jakob Heitz.


On Sep 9, 2011, at 9:22 AM, "Russ White" <russw@riw.us> wrote:

> On 9/9/2011 12:19 PM, Randy Bush wrote:
>>>>    as a vendor friend says, if ipv6 deploys, insha allah, we're gonna
>>>>    be upgrading those routers to do real v6 forwarding.  if it does not
>>>>    deploy, you will be deploying massively bigger boxes to nat your ass
>>>>    into hell.
>>> 
>>> There are two possible results, it seems to me:
>>> 
>>> 1. The cost of deploying IPv6 will "bury" the cost of doing BGPsec, so
>>> that BGPsec essentially becomes "free" in the IPv6 upgrade.
>>> 
>>> 2. The cost of deploying BGPsec will be significant enough that it can't
>>> be "buried," in any other costs.
>>> 
>>> The question is --which is true?
>> 
>> as i have no data, any guess i make would be bullshit, would it not?
> 
> Does anyone have the data needed to answer which is true? My guess is
> based on the cost of hardware in general --even small hardware costs
> don't normally end up being "swamped"-- and the cost of network
> convergence times, etc.
> 
> Using different assumptions, you can come to different conclusions. I
> don't know how you can build a study that would tell you which set of
> assumptions is "correct."
> 
> OTOH, it would be interesting to try.
> 
> Russ
> 
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr

v2.23.0 | Report a Bug | By Email