nanog mailing list archives

Re: ROVER routing security - its not enumeration

From: Randy Bush <randy () psg com>
Date: Tue, 05 Jun 2012 12:40:52 -0700

There are number of operational models that provide the needed
routing protection without enumeration.

I can see a use-case for something like:
  "Build me a prefix list from the RIR data"


this requires a full data fetch, not doable in dns.

and, at the other end of the spectrum, for any dynamic lookup on
receiving a bgp announcement, the data had best be already in the
router.  a full data set on an in-rack cache will go nuts on any
significant bgp load.  beyond that, you are in non-op space.

randy

Current thread:

ROVER routing security - its not enumeration Daniel Massey (Jun 05)
- Re: ROVER routing security - its not enumeration Shane Amante (Jun 05)
- Re: ROVER routing security - its not enumeration Christopher Morrow (Jun 05)
  - Re: ROVER routing security - its not enumeration Randy Bush (Jun 05)
    - Re: ROVER routing security - its not enumeration Christopher Morrow (Jun 05)
    - Re: ROVER routing security - its not enumeration Randy Bush (Jun 05)
    - Re: ROVER routing security - its not enumeration Christopher Morrow (Jun 05)
    - Re: ROVER routing security - its not enumeration Randy Bush (Jun 05)
    - Re: ROVER routing security - its not enumeration Doug Montgomery (Jun 06)
    - Re: ROVER routing security - its not enumeration Paul Vixie (Jun 10)
    - Re: ROVER routing security - its not enumeration Doug Montgomery (Jun 11)
  - Re: ROVER routing security - its not enumeration Tony Tauber (Jun 05)
    - Re: ROVER routing security - its not enumeration Christopher Morrow (Jun 05)