nanog mailing list archives
Re: ARIN and the RPKI (was Re: AltDB?)
From: Randy Bush <randy () psg com>
Date: Thu, 06 Jan 2011 14:15:38 +0900
actually, the formal rpki-based origin-validation stuff is measured to take *less* cpu, a lot less, than ACLsOn the platforms which really matter in terms of rPKI, ACLs are handled in hardware, so this is pretty much a wash.
really? it was measured on a GSR. full check on a prefix, 10usec. that's microseconds. as chris pointed out, though, one pays for having the data in the trie, i.e. in ram. but not a lot. randy
Current thread:
- ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Dobbins, Roland (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Kevin Oberman (Jan 06)
- Re: ARIN and the RPKI (was Re: AltDB?) Christopher Morrow (Jan 06)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 06)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)
- Re: ARIN and the RPKI (was Re: AltDB?) Randy Bush (Jan 05)