North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: soBGP deployment
As far as answering the "First Goal" of the article, I really don't see much here that isn't handled today by route registries, except for the TLS certificate stuff. Not sure how much security that adds, practically; how often do people see their route objects jacked by hax0rs?
For the "Second Goal" part, this is somewhat intriguing, although I would like to know how often "fake" as-paths get leaked and if it really happens often enough to justify a new BGP infrastructure in order to prevent it. Maybe as part of BGPv5, where there are other benefits to migrating to the new protocol (32-bit ASNs, anyone?)
In short, the goals seem laudable, but it seems that this solution seems a bit, well, extreme, and I'm not sure if the disease if worse than the cure. That said, I'm curious how much of this can be implemented realistically at the single-peer level the paper mentions. Just don't ask me to run it on a GRP-B.
On May 19, 2005, at 7:51 PM, vijay gill wrote: