soBGP deployment

• Previous message (by thread): soBGP deployment
• Next message (by thread): soBGP deployment
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

As far as answering the "First Goal" of the article, I really don't  
see much here that isn't handled today by route registries, except  
for the TLS certificate stuff. Not sure how much security that adds,  
practically; how often do people see their route objects jacked by  
hax0rs?

For the "Second Goal" part, this is somewhat intriguing, although I  
would like to know how often "fake" as-paths get leaked and if it  
really happens often enough to justify a new BGP infrastructure in  
order to prevent it. Maybe as part of BGPv5, where there are other  
benefits to migrating to the new protocol (32-bit ASNs, anyone?)

In short, the goals seem laudable, but it seems that this solution  
seems a bit, well, extreme, and I'm not sure if the disease if worse  
than the cure. That said, I'm curious how much of this can be  
implemented realistically at the single-peer level the paper  
mentions. Just don't ask me to run it on a GRP-B.

-C

On May 19, 2005, at 7:51 PM, vijay gill wrote:

>
> If you are an operator, would you deploy soBGP or something like  
> it? If not, why not.
>
> http://www.cisco.com/en/US/about/ac123/ac147/ac174/ac236/ 
> about_cisco_ipj_archive_article09186a00801c5a9b.html
>
> /vijay
>

• Previous message (by thread): soBGP deployment
• Next message (by thread): soBGP deployment
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]