So -- what did happen to Panix?

• Previous message (by thread): So -- what did happen to Panix?
• Next message (by thread): So -- what did happen to Panix?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 
> This is great for the planned changes, but real-time changes to
> respond to Internet dynamics won't work well with such delays.  If you
> are multi-homed to provide a backup, you would like for it to respond
> more quickly than 4-72 hours, I'll bet.  So if you have PI space but not
> your own AS, your backup route would look like a novel origination,
> but you sure wouldn't want it delayed.

no.

the scheme that josh karlin has been advocating in pretty good bgp
involved only supressing a doubtful announcement when you have a
better, more trusted announcement.  it remains to be seen how hard
this would be to implement in existing systems of "build filters in
configs and push to routers".  this only works obviously well in
systems that centralize route selection and use routers only as
forwarding engines.  that might be a cool idea, but it's not what we
have now.

if you don't use the pgbgp scheme, you can still get the benefits of
being no worse than what we have now.  consider this just a different,
more automatic, more scalable, more secure way of building and
maintaing the prefix filter that we all are supposed to maintaining
already.

i'll be happy to talk to interested parties at nanog in dallas about
this (or almost anything else, expecially if you're buying).

t.

-- 
_____________________________________________________________________
todd underwood
chief of operations & security 
renesys - internet intelligence
todd at renesys.com   www.renesys.com

• Previous message (by thread): So -- what did happen to Panix?
• Next message (by thread): So -- what did happen to Panix?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]