On Tue, Sep 11, 2018 at 1:11 PM, Dino Farinacci <[email protected]> wrote:
> > but this doesn't specifically address the fact that a pull-based control > plane will fail in a different way, and one that is potentially harder to > diagnose, from a push-based one. One area in which it differs is that a > loss of a BGP session followed by a network partition is obvious to all > users trying to move traffic between those two networks, while choking off > control plane traffic in LISP may only affect some endpoints in a > mysterious way. > > IMO, a feature and not a bug. And arguably harder to diagnose makes it > more secure. > Possibly. But being better or worse isn't my point, so much that it's *different* in a material way from a security perspective. Those deltas are where something proposing to supplant the prevailing mechanism for DFZ routing needs to be clear to operators. Kyle
_______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
