ROVER routing security - its not enumeration
Randy Bush
randy at psg.com
Tue Jun 5 19:40:52 UTC 2012
>> There are number of operational models that provide the needed
>> routing protection without enumeration.
> I can see a use-case for something like:
> "Build me a prefix list from the RIR data"
this requires a full data fetch, not doable in dns.
and, at the other end of the spectrum, for any dynamic lookup on
receiving a bgp announcement, the data had best be already in the
router. a full data set on an in-rack cache will go nuts on any
significant bgp load. beyond that, you are in non-op space.
randy
More information about the NANOG
mailing list