nanog mailing list archives
Re: Securing the BGP or controlling it?
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Tue, 11 May 2010 14:09:42 -0400
On May 10, 2010, at 3:20 PM, Randy Bush wrote:
this is a matter of risk analysis. No secure routing means we'll continue to see the occasional high profile outage which is dealt with very quickly.how soon we forget 7007, 128/8, ... over a day each, and global, and very big netowrks.
You are right, I forgot that 7007 took more than a day. I distinctly remember being able to use the 'Net later that same day, so I did more than "forget", I actually invented something in my memory. Moreover, Vinny physically unplugged (data _and_ power) all cables attached to the Bay Networks router which was the source of the problem in very little time. Maybe 30 minutes? It was Sprint's custom IOS image which ignored withdrawals that made the problem last a very long time. I would say that is two separate problems, but I guess you could argue they are related and we should be vigilant against hijacking in case Sean re-enters the field and cons $ROUTER_VENDOR into writing custom code because he's too cheap to upgrade his hardware. Whichever interpretation you prefer the last two sentences, having that information is germane to the discussion. Having all the facts allow us to make good decisions based on more than sound-bites and NYT articles. Of course, then we couldn't post cryptic one-liners trying to scare the newbies with our vast knowledge of historical events, however we spin them. And then where would we be? -- TTFN, patrick P.S. Lest anyone think I am arguing for (or against) one view or the other, I am not. Every big outage means someone has to explain to their management what went wrong, whether it was their fault or not. And protecting against every possible outage is hideously expensive. Both sides need to be considered. But hyperbole, half-truths, and spin is not the basis for a rational discussion. IMHO, of course.
if something like those happen again, we are gonna be spending a lot of time explaining our selves to people who wear funny clothes, and telling them why it is not going to happen again if they let us keep our jobs. randy
Current thread:
- Re: Securing the BGP or controlling it?, (continued)
- Re: Securing the BGP or controlling it? Aaron Glenn (May 10)
- Re: Securing the BGP or controlling it? Nick Hilliard (May 10)
- Re: Securing the BGP or controlling it? Jared Mauch (May 10)
- Re: Securing the BGP or controlling it? Nick Hilliard (May 10)
- Re: Securing the BGP or controlling it? Joe Abley (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Randy Bush (May 10)
- Re: Securing the BGP or controlling it? Nick Hilliard (May 11)
- Re: Securing the BGP or controlling it? Danny McPherson (May 11)
- Re: Securing the BGP or controlling it? Marshall Eubanks (May 11)
- Re: Securing the BGP or controlling it? Patrick W. Gilmore (May 11)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? deleskie (May 10)
- Re: Securing the BGP or controlling it? Randy Bush (May 10)
- Re: Securing the BGP or controlling it? Larry Sheldon (May 10)
- Re: Securing the BGP or controlling it? Danny McPherson (May 10)
- Re: Securing the BGP or controlling it? Jorge Amodio (May 10)