If you only have one cache, and this fails, and you need to restore the
whole repository(ies): then yes. You have a problem.
But if you have two cache servers, perhaps you would not even notice
while the second one is getting the whole repository(ies).
But I am not sure if I am following your and Russ rationale.
Regards,
as
On 30/11/2012 17:16, Danny McPherson wrote:
>
> On Nov 30, 2012, at 1:10 PM, Montgomery, Douglas wrote:
>
>> RPKI does not reflect run-time changes in topology. It is a declarative
>> system in which one would expect information to typically change with
>> human driven processes (e.g., allocation of addresses, establishment of
>> peering relationships, etc.)
>
> It's not a question of speed, it's a question of reaction time.
>
> As _one example, I know of many commercial DDoS products and services that
> automate these processes, RPKI as designed hampers our ability to respond in
> less than hours, and BGPSEC likely much longer. How do I rationalize this
> when it doesn't even fix things that I consider routing security issues
> (e.g., the Google sanfu weeks back?)?
>
> Here the cure may well be worse than the disease. Mefloquine, anyone?
>
> -danny
> _______________________________________________
> sidr mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/sidr
>
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
