On Dec 6, 2012, at 7:00 PM, Montgomery, Douglas wrote:

>
> On 12/6/12 5:57 PM, "Eric Osterweil" <[email protected]> wrote:
>>
>> Uh... big difference. DNSSEC doesn't require you to care about anything
>> before you need it (on demand). RPKI is prefetching... I can't really
>> outline the architectural difference better than that.
>
> So this seems to be about sub-system behavior in various transient states.
> Cold start of a relying party, when there are no other "hot" instances in
> contact. While some will argue that one can engineer redundant systems,
> and smart RPs (e.g., that initialize with last running check-pointed state
> at boot), still I will admit that one could envision firing up a new RP,
> just out of the box, for the first time and it taking time to load its
> initial state.

I was hoping we could all see from my quoted text above that this latest discussion is about the _architectural_ difference between the on-demand soft-state DNS system, and the prefetching replicated state machine of RPKI. These two are fundamentally very different architectural models. Your comments about boot states are interesting, but somewhat off topic to this post, imho.

> Won't a demand driven system experience something very similar when
> first fired up and a full table dump comes across the wire in BGP?

Ask any of the operators on this list how they feel about full table dumps and routers refreshing table state, configs, etc when coming online. If you're saying that RPKI is just like that, I think you just sank your position.

> If a demand driven system wasn't smart enough to use a hot standby with
> significant cached state, it too will suffer the latency of pulling a
> significant portion of the data it needs instantly.

Again, we were discussing the architectural difference, not polishing the chrome on the Titanic. :)

> While I see the architectural differences in those two, it is not clear to
> me that the end result to a running BGP system that uses them is all that
> different.

Hmm.. Well, re: my comment above, we have very different opinions. I (literally) defer to operators to answer my above question, and if I'm rebuffed on that, then so be it.

> Once either approach has achieved steady state, assuming there was some
> caching done in the demand based system, if the cache holding time of
> demand queries was the same as the polling interval of the RP, do you think
> the responsiveness of a change of authoritative info is all that
> different?

I honestly have to say that I don't know how I could tell at this point. I think it would be good for someone to put forward a model, do some simulation/measurements and present some analysis.
I don't know when BGP is in ``steady state'' or what you might mean by that, but it seems like a good time for us to be more quantitative and less qualitative.

> Or do you not assume there will be any caching in a demand based system?
> And if so, would you be concerned about the peers * full_table number of
> queries that would result from a router reboot?

I honestly don't understand this last part, but I'm hoping my comments and questions (above) address it?

Eric
