North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: AS8584 taking over the internet

  • From: Hank Nussbacher
  • Date: Fri Apr 10 03:08:20 1998

At 07:25 PM 4/9/98 -0400, Scott Huddle wrote:
>I have and remain unconvinced and or confused ;)  The proposal allows
>an operator to verify a valid origin AS for a given prefix (i.e. "config"
>sorry if I'm being loose with the word) by using the DNS system with
>"bgp.in-addr" extensions.  I'm not sure which part of the random 
>route announcement problem that dnssec solves in this case?  It can
>help with the "are they indeed are who they say they are", but it 
>doesn't solve the "are they supposed to be doing what they said that 
>they're doing" case.

Has anyone benchmarked how long it will take to resolve 50,000 bgp.in-addr's
after a line hiccup or a "clear ip bgp *"?   -Hank

>
>And you didn't address my paranoia about not trusting the DNS ;)
>
>-scott
>
>> you may wish to read the draft.  it did not suggest using the dns to
>> configure.  and you may also want to look into dnssec.
>> 
>> randy
>> 
>
>