Cost per prefix [was: request for help w/ ATT and terminology]
Mikael Abrahamsson
swmike at swm.pp.se
Wed Jan 23 11:12:45 UTC 2008
On Wed, 23 Jan 2008, Andy Davidson wrote:
> I think that charging for deaggregation of PA is hard to imagine. I
> think charging for PI as a model may have been worthy of consideration
> several years ago, but since we're only months away from entire product
> lines of deployed edge kit nolonger accepting a full table, the battle
> is over (and operators lost).
As far as I can see, the only way to solve de-aggregation and PI is to
create some kind of cryptographic signing of aggregate routes sent out to
DFZ.
RIPE/ARIN and other equal instances need to sign the combination of AS
and prefix, and this is then used (somehow) to authenticate the prefix
when received. This would also have the added benefit of stopping people
from sending more specifics with other ISPs IP space (or even their own,
as only the actual aggregate prefix would be signed, not more specifics
that people use for "TE").
So this "certificate" or alike needs to be time limited and coupled to
payment if we're going to charge for PI/PA yearly.
Yes, this increases complexity in the DFZ enormously, and I don't know if
the benefit outweighs the complexity and added risks for failures.
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the NANOG
mailing list