nanog mailing list archives
Re: ARIN and the RPKI (was Re: AltDB?)
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Wed, 5 Jan 2011 23:23:02 -0500
On Wed, Jan 5, 2011 at 11:16 PM, Randy Bush <randy () psg com> wrote:
We need at least these things to exist: o an accurate mapping of resource (netblock/asn) to authorized-entity (RIR/NIR/LIR/Customer/...) o a system to manage this data for our routing equipmentsee all the sidr documents in last call to go from i-ds to rfcs. oh, you co-chair sidr :)
yes, sorry I should have been more open ... i do co-chair (with sandy murphy) the sidr-wg at the IETF.
o protocol enhancements that can be used to help propagate the mapping information or at the least help a router programmaticly understand if a resource is being used by the authorized entitysee draft-ietf-sidr-rpki-rtr-07o routing software that can digest the enhanced datain test. rumors of going normal release from at least one vendor in q2o routing hardware that won't crumple under the weight of (what seems like) heavier weight routing protocol requirementsactually, the formal rpki-based origin-validation stuff is measured to take *less* cpu, a lot less, than ACLs
CPU + RAM both parts of the vector matter. (but you knew this) Some of the interesting data would, I think, be good for ops folks to see more openly, things that may actually affect their purchasing and design decisions even! Danny's had some good presentation material about changes in spec/implementations that have altered drastically the update load on devices in actual networks.
There is, of course, some risk with this model and we should take the time to accept/discuss that as well.some guidance toward ameliorating the risks are in <draft-ietf-sidr-rpki-origin-ops-00.txt>. input from ops into all this stuff would be most welcome.
yes (as the co-chair) yes (as the OP... more input/thought/discussion) and looking at the: <https://www.arin.net/about_us/bot/index.html> it looks like the BoT is due to have a meeting either this week or next? (they seem to always have one in the first week or two of the year?) so again speak up here AND perhaps send a note the BoT or your ARIN Rep's way "now". -Chris
Current thread:
- ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Dobbins, Roland (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Kevin Oberman (Jan 06)
- Re: ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 06)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 06)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)