> I think there's a few things here that are certainly valid concerns. > I'd like to refresh them into the following based on my observations: > > 1) The transport core of the network where all these control-plane > messages currently happen is growing and requires dense-high bandwidth > routers > 2) when you upgrade the router/fabric/whatnot you typically need some > new routing-engine, rsp, cpu, etc. that is typically "faster". Maybe > not fast enough for some, but they tend to be "faster". > 3) As a percentage cost of an overall upgrade (take t640 -> t1600) the > RE component is not the most expensive part by far > 4) Cisco/Juniper have some products that are certainly long in the > tooth and honestly are too underpowered for even their own aggressive > cpu consumption/growth. It's so bad in cases they don't realize the > performance is poor on the older hardware as the labs typically have > (on average) newer hardware than in the core provider networks. > > As of today, crypto can be expensive if you don't have something > destheigned to accelerate it (eg: hardware assist for SSL on some > platforms).
crypto assist is getting pretty cheap and will continue to get cheaper. as a vendor friend said, we're gonna be upgrading in the 3-5 year time-frame anyway to get routers that can forward ipv6 at the same rate as ipv4. :( we have been talking in circles about securing inter-domain routing for over a decade. if we lay out a plan and start actually moving forward, our 'natural' core hardware upgrade cycle is on the order of half that time. or we can explain to the wsj why we still have no plan when the next youtube accident occurs. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
