IETF Logo Mail Archive

Re: [Sidrops] [WGLC] draft-ietf-sidrops-roa-considerations-01 - Ends 10/March/2022

Geoff Huston <gih@apnic.net> Thu, 10 March 2022 19:53 UTC

Return-Path: <gih@apnic.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5ECD3A094A for <sidrops@ietfa.amsl.com>; Thu, 10 Mar 2022 11:53:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.11
X-Spam-Level:
X-Spam-Status: No, score=-2.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lCvpkztQfwbo for <sidrops@ietfa.amsl.com>; Thu, 10 Mar 2022 11:53:26 -0800 (PST)
Received: from AUS01-ME3-obe.outbound.protection.outlook.com (mail-me3aus01on20610.outbound.protection.outlook.com [IPv6:2a01:111:f403:7004::610]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A488D3A094B for <sidrops@ietf.org>; Thu, 10 Mar 2022 11:53:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nZpiwsnDlb2nph8QcU5YCC6M+UeT0QcriXrBA2zbtdjLA9H0m3C5H/W0tCAUZK6kWlPoWUvE/GctUCIiIXMbRB0wEwDm2/FtVl1lPOnLAWtZA0Oi8HuhtYXWi3S79Lym5vJHGGxBndeSOUD0B7284tE9MnQlbGtV2LIjvtZwgpY75p9IBr6aaaQHdihXzJ+0MfODg80wnws+A3IfOsZBCe+6K5flDAeNWB2WwhNc5cHDZqnXQFAcTtfNE8v280nbPXKwTe5DjQNpSecV6h7QaJn0OIEc6iCM7KXZ7D2KXjHWoOpBTTHsDin22oW0cQQmejbCI+x5f7uoOYUIIoDynQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bmtN9R6eTZnXWE0ScjQMBW5fU/XO73TBgNRrQRMWAsM=; b=bkWNpRf4T72cunyagzSubihVp+lWzbBnVwMbMHYRDzyGQSLtTPl/Tjo6YIGHpJsfgG/G7wRemxc/EUulw1ft3uLVpm749DLr9Wr9R5qHt7ImUYBXVJPgsX3HV+5nDa4hybjj8/XRjWapUTc8VEOqkCn66sRoMivzbw372MbkVpYCxP/m7iSFhhDSIJuR1mbDvXyY2To0f/0Cv/pYrtSfWO2udD4SsTk6iiEOSqn3sEufgPOrd4Sz60FGCmOo5GsI3lb2a8RKTwu+cy0rgbW9VV5wXiCsevRlf+nuJVEaXWBX1jv6PCswBnaPH1ONY19rriQiteRtxhYktSggz9+4bw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bmtN9R6eTZnXWE0ScjQMBW5fU/XO73TBgNRrQRMWAsM=; b=Sz/qYfsTvyoSD7Sj78ph0ceg+LsLd76lLFz7Tso3l5tu6HAwp25JGLgOPF2eM51iBPe48067OtwvKQlyzMznBxoYdjrM0s27BLmFq4fHDKlO/7vSvPrxVQVj9QhpeGlzlbasPfoA+9P0AWEO88xk8u9ou78VwXnFAozqd4WisDU=
Received: from SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:176::18) by ME4P282MB1238.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:92::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5038.14; Thu, 10 Mar 2022 19:53:21 +0000
Received: from SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM ([fe80::2d75:2788:316:de9]) by SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM ([fe80::2d75:2788:316:de9%4]) with mapi id 15.20.5061.022; Thu, 10 Mar 2022 19:53:21 +0000
From: Geoff Huston <gih@apnic.net>
To: Randy Bush <randy@psg.com>
CC: Ties de Kock <tdekock@ripe.net>, "sidrops@ietf.org" <sidrops@ietf.org>, Tim Bruijnzeels <tim@nlnetlabs.nl>
Thread-Topic: [Sidrops] [WGLC] draft-ietf-sidrops-roa-considerations-01 - Ends 10/March/2022
Thread-Index: AQHYNDJhPUxJk93DPE+sp2OhMnXz66y4edYAgAAFRICAAASQgIAAAsEAgACCLYA=
Date: Thu, 10 Mar 2022 19:53:21 +0000
Message-ID: <9B0B0DBF-9F7A-4A61-9EBE-BCE556150475@apnic.net>
References: <BYAPR18MB26961DE9F15501CCA12ECCF1C13D9@BYAPR18MB2696.namprd18.prod.outlook.com> <851649A5-9075-4956-8B57-E51F612DF6BD@nlnetlabs.nl> <m235jqa2fk.wl-randy@psg.com> <D46FDA88-15E2-4EC6-BE07-0A1A93038B64@ripe.net> <m2v8wm8278.wl-randy@psg.com> <8961B085-5022-49C8-8775-77031B3DD814@ripe.net> <m2r17a80zl.wl-randy@psg.com>
In-Reply-To: <m2r17a80zl.wl-randy@psg.com>
Accept-Language: en-AU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3693.60.0.1.1)
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d65b628d-1e5a-42d3-622f-08da02cfa196
x-ms-traffictypediagnostic: ME4P282MB1238:EE_
x-microsoft-antispam-prvs: <ME4P282MB12381770A11ED6F2DC5BE139B80B9@ME4P282MB1238.AUSP282.PROD.OUTLOOK.COM>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Q/SEN0J7EcUsiUfJep4ECgmB2o6c7iytiCS8EQ0sEA0Nbo7IvclRbBc41pyJnqcAEvv0TR9zlRdALV/U0iMXtL/Qa/mQCJ8glYcQH70TbXUbkjFnIsRAY8U+mL0CSan6kzoYeAp1Vb2IGGte6mqFuETY/druEe4qhriIetrQSuWfmPkYu3VMTD+haxrbk7Sy1vQcnKaEDbKRlKn1i6l9U6acUAZLeLMJXgD/a2rZhPzOeSwRyDCIkO3s0W2p/quaNl+SLRn+iODSCbsKObPfNfsXXu2VN6TBDY9z7MRl9IDOsyUIeFGpWMZbvJlt+0j0elp5o6l/QEfjxv9PPbbs7nz3ykTgQq6b+e7CeqOUh+Y4bK8lzRn8l0r49EAuZyfJtgiw03DXyXh8dfMkd+1LeQtja1DD/QIWXQ5OT7vXi+YgYCdSezD5w0Gsrlw2il0LhMITlkU9y+1rhIH69IVQ0sIJktTwxQikuYCAVW5j+4hp2qJ2oHK3De7qcQ2Zru7Rzv+/CB0cqDAd1TpzitZpjUAFkhb7/KksdMU8ppoX/737yWT9dMTwdYtMcoalH+hC4qOoESNG7I0kcEhnMdzlT4g9NNjL1x7VUyHQmJjHN1Qp/8M38ohNasHEcADplKE8rkqiaBeOX82yjEiUV4VPeskHLU1fWhNAEgJbmWB/n34jYBb1GEYw24xxKusJXp6AE5Q9bSgkhkpMj04Fw3FzXIGRBogAkhA2GWP+fNd+8Ts0oLt2YR1qpoFis8SpVsRO
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(4636009)(376002)(136003)(39840400004)(396003)(346002)(366004)(6916009)(66446008)(54906003)(66476007)(76116006)(66946007)(8676002)(4326008)(66556008)(122000001)(33656002)(64756008)(36756003)(5660300002)(2906002)(316002)(508600001)(6512007)(6506007)(53546011)(71200400001)(83380400001)(38100700002)(86362001)(66574015)(2616005)(186003)(8936002)(38070700005)(6486002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: I/XVxeMG1wfJhGTEGDLtzSN94OWuMaRLHQ4ogw5ov0sbd8gHBQr/JSb7TiWkG/14JTQ5ZRnxZ8tTlVdDCSZoNvxCwmfSNb73nNELLJg2w2LyPEzMvB72abn9+QORSUJoSZB4yLBkE09ASxJTGIiuvt195Af4osPMY00d/pM+madqKxLDGOLgP3WNucWbVdN0fgtWPFPPz6hNv3/PGwUXovHNQ79A0JOG8wmRf5d3GI+0Y41Z+1bMXCpIqKiCW/QXnpnEqRF3MGt4yytIWw3VTqEkQTchiopodVQtI2CPgURP8kqbJGNKe/lWlEBqMThU7Kg+RA4XX7p7kocOEz6sL74BHhf2L4lh2sg7pS90w4Jqohi7RGjtsXzdNPUTMmwSdv6ak089Kief4coOjxhYCtfJSHI9OeaUmRjeGhoWlMBZGcxk7ifbxVOIO+yEVZu3/KOA4P7VTZ/d3TzgPc1FX+1WC76DWWYZB+LwwC+IirBWIjL8hAqCQ90UtvUuf+nNlrLvGlEEIpa56jEZrLPvu0W0JAkbtKfOtcncsBUFry3Gud/Kwh5JS8Ts1CUAQdRtS+wt+/kAxTJifzqf7Oh09J3xC1mjtsYGPq3L1m/4QorQu70s/WEI8crs10QdBPvX5VPz/3Dyt8M5tevqd8hOzq9ZLv9zs/xe5Ub07cA78FADbR339pVTZLVuHpYu2daR03hvJjJ5J/uDlmQ++F90OyED1NPkqi1bWc4m18PiDXzgAAhROnL9FUvLdlW/nkc2fYvSsaxDZUWc7Ob1Ve4GjqsG12d3UAqAwCr7+lO80v06sK+P2hG2oPw55B8qMFZyIno4Zdf2FE66H8K57wbhvRE9d0b15LA5QldbRjCZkwJpuhNIqVBxAVRVb/jcsH6PdZMlxRk2JecAngZH27EhIePeKcOrjti9sdMSHpvwYMReA00V+2rT/H3L1Slft0gnTFsSjHWybSlLDM+6bSQkJ0NzdBRjo0dijhA3F8VIkiAVKhXaYgZcoH7XQIJnJtk7OceqHLmCF52Xpj9q2ZTR5m/bsfMlL5Yq63Gbbezp6NuRyCHEgc+o2mWpWp2uMqSi3Y0d1P5FKL3xL8T3RPi1GMhfX7IwbMXJSdc3Gii7iAdW1wZveEik/krWm/usmq1dfWO2dfnf+nDID3LQjWol5sseIJkkSiL5W5LGutxCmQ9hFgqKfQhsO115LeIAE4wZLss+V5ZuntD786heZnIpagtcRf9ETt+/Z64xZ2JS4beOlH1UO+1FrJ7OKAIyE+epCZZYaXxLLa+Q3F7TB/6NbsIo0N6xpPdK7WFhxMx9GPMqq0I+DC2dCtpa2uAWDPkNOLpjDnLV/DTlAEcJPVrIVQJGjV/gCG9ehr4Iawak7kR/Cql/Bjr6qpto33pH1lmHimxE1+zIS7tBR4I+IYZU0BO5zaMPiMZbsnmdxzbreEut2keWUecltoeIPJ5YnrrjElyeS3xiwM9L7gwugXEyt2w4/PLE/++okXMYpd9J8mDgJAOpUgvarpEnFaEAepb3KSQWbMzjztAGUbQ1cKPOBkus9WstHcqm0Hbdi9J9eSULRyf27v31oqDX6bBCqzmxzZZa/1BKy31xRfMt4E3Kamux2BBdVA7HjdQfr3YUnyvJlRoC8SbK6m27GxropCmn
Content-Type: text/plain; charset="utf-8"
Content-ID: <57A088F202F0E9468F5546BCCDA61AD3@AUSP282.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: d65b628d-1e5a-42d3-622f-08da02cfa196
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Mar 2022 19:53:21.8507 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: LPbpQzka/T1sosh97Ag6NIhv9qzXaWL3sHPmdw2f02/lTbLesps1XOZwaw568Bo+
X-MS-Exchange-Transport-CrossTenantHeadersStamped: ME4P282MB1238
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/u7N-89OKesXpOMxXlEXdcFj7rhc>
Subject: Re: [Sidrops] [WGLC] draft-ietf-sidrops-roa-considerations-01 - Ends 10/March/2022
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Mar 2022 19:53:32 -0000


> On 10 Mar 2022, at 11:07 pm, Randy Bush <randy@psg.com> wrote:
> 
>>> the CA, in some thought of saving bandwidth or something, packs data
>>> up into AS-based blobs which the RPs are then supposed to unpack and
>>> reconcile.  where's the win that is worth all that work?
>> 
>> “less objects, smaller”
>> 
>> It sounds like an attractive optimisation on paper.
> 
> "Premature optimization is the root of all evil (or at least most of it)
> in programming.”  -- D Knuth
> 
>> I would need benchmark results (with a rir-sized repo with
>> 1-vrp-one-ROA) to see how much it does in practice.
> 
> i think one would want to measure whole system, from CA repo to the
> router
> 
>> My mental model: The RPKI is a directed rooted forest. From a single
>> point of view, for all CAs, you see a consistent snapshot for a CA (or
>> encounter a failed fetch).
> 
> [ s/for all/for each/ ? ]
> 
>> If there are no split views on the repository content, RPs will
>> eventually see the same updates.
> 
> except the CA PPs publish asynchronously, on varied schedules, etc.
> 
> and the RPs fetch asynchronously.
> 
> and the routers ...
> 


How many times do we need to go around and around this space before we realise
that asynchronous demand-pull flooding designs are intrinsically broken?

At least one more time, it seems.

Geoff

v2.23.0 | Report a Bug | By Email