nanog mailing list archives
Re: Securing the BGP or controlling it?
From: "Vincent J.. Bono" <vbono () 2nplus1 com>
Date: Mon, 10 May 2010 16:02:03 -0400 (EDT)
this is a matter of risk analysis. No secure routing means we'll continue to see the occasional high profile outage which is dealt with very quickly.
Speaking from painful experience all kinds of variable can ensure that even when a problem is identified quickly and action taken expeditiously outages can and do take much longer than "very quickly" to correct. Also, while (IMHO) the much higher level of private interconnects / peering links in use today vs. 1997 makes willful route hijacking more difficult, building better security directly into the protocol is certainly in order. A good parallel is the SS7 network that runs "routing" for traditional voice signaling: it's "secured" by using a completely separate, out of band TDM network (DS1s and DS0s) but its also an "in the clear" protocol and could be subject to willful vandalism.
Current thread:
- Re: Securing the BGP or controlling it?, (continued)
- Re: Securing the BGP or controlling it? Marshall Eubanks (May 11)
- Re: Securing the BGP or controlling it? Patrick W. Gilmore (May 11)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Anton Kapela (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? deleskie (May 10)
- Re: Securing the BGP or controlling it? Randy Bush (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Vincent J.. Bono (May 10)
- Re: Securing the BGP or controlling it? Jorge Amodio (May 10)
- Re: Securing the BGP or controlling it? deleskie (May 10)