Securing the BGP or controlling it?

Patrick W. Gilmore patrick at ianai.net
Tue May 11 13:09:42 CDT 2010


On May 10, 2010, at 3:20 PM, Randy Bush wrote:

>> this is a matter of risk analysis.  No secure routing means we'll
>> continue to see the occasional high profile outage which is dealt with
>> very quickly.
> 
> how soon we forget 7007, 128/8, ...  over a day each, and global, and
> very big netowrks.

You are right, I forgot that 7007 took more than a day.  I distinctly remember being able to use the 'Net later that same day, so I did more than "forget", I actually invented something in my memory.

Moreover, Vinny physically unplugged (data _and_ power) all cables attached to the Bay Networks router which was the source of the problem in very little time.  Maybe 30 minutes?  It was Sprint's custom IOS image which ignored withdrawals that made the problem last a very long time.  I would say that is two separate problems, but I guess you could argue they are related and we should be vigilant against hijacking in case Sean re-enters the field and cons $ROUTER_VENDOR into writing custom code because he's too cheap to upgrade his hardware.

Whichever interpretation you prefer the last two sentences, having that information is germane to the discussion.  Having all the facts allow us to make good decisions based on more than sound-bites and NYT articles.

Of course, then we couldn't post cryptic one-liners trying to scare the newbies with our vast knowledge of historical events, however we spin them.  And then where would we be?

-- 
TTFN,
patrick

P.S. Lest anyone think I am arguing for (or against) one view or the other, I am not.  Every big outage means someone has to explain to their management what went wrong, whether it was their fault or not.  And protecting against every possible outage is hideously expensive.  Both sides need to be considered.  But hyperbole, half-truths, and spin is not the basis for a rational discussion.  IMHO, of course.



> if something like those happen again, we are gonna be spending a lot of
> time explaining our selves to people who wear funny clothes, and telling
> them why it is not going to happen again if they let us keep our jobs.
> 
> randy
> 





More information about the NANOG mailing list