On Fri, Nov 30, 2012 at 2:37 PM, Arturo Servin <[email protected]> wrote:
>
> If you only have one cache, and this fails, and you need to restore
> the
> whole repository(ies): then yes. You have a problem.
>
> But if you have two cache servers, perhaps you would not even notice
> while the second one is getting the whole repository(ies).
>
> But I am not sure if I am following your and Russ rationale.
>
a worked example is something like:
ROA in repository for X years:
as701-1.2.3.0/24
Time T0:
bgp route: 1.2.3.0/24 as-path: 701
Time T1:
dos attack on 1.2.3.4/32
Time T2:
AS701 says: "oh, ddos_svc, pls to help us!! Yes, we are a new customer
we just signed up on your website, please helpz!!"
Time T3:
new-roa: 1.2.3.0/24 - AS-DDOS_SVCS
Time T4:
bgp-route: 1.2.3.0/24 as-path: AS-DDOS_SVCS
Time T5:
routing validates and things divert to ddos-svc
I think Danny (and russ as well, at least) are worried that in the
case of no prior agreements the time TODAY for this process is
'minutes', and that if I have to publish a new roa, ship that around,
make sure everyone gets it ... the time is 'longer' tomorrow. (eric's
numbers would say full replication and availability of the data is
O(2days) or something)
today there's no validation on the origin so if you pick your
upstreams 'right' you can get reach-ability from a large portion of
the network quickly. tomorrow in a 'only validated routes' world, you
have to wait for propagation of the roa content.
So, the (a) question is:
"How fast does the certified resources data (as seen by bgp
speakers) have to meet up with reality?"
-chris
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
