[107259] in North American Network Operators' Group
Re: Revealed: The Internet's well known BGP behavior
daemon@ATHENA.MIT.EDU (Danny McPherson)
Thu Aug 28 19:43:08 2008
From: Danny McPherson <danny@tcb.net>
To: NANOG NANOG <nanog@merit.edu>
In-Reply-To: <48B71CF2.9010006@ai.net>
Date: Thu, 28 Aug 2008 17:42:46 -0600
Errors-To: nanog-bounces@nanog.org
On Aug 28, 2008, at 3:47 PM, Deepak Jain wrote:
>
> We can go into lots of reasons why the Internet runs this way. I
> think we can all agree 1) Its amazing it runs as well as it does,
> and 2) No one has clearly articulated a financial reason for any
> large organizations to significantly change their interconnection
> methodologies over the current BCP [that exceeds the costs of doing
> so].
>
> Until either of those assertions change, the status quo will
> essentially remain.
Well, there's also been a bit of a chicken and egg problem here -
as no formally verifiable authoritative source for who is authorized
to originate what IP address space has ever existed, and until that
happens, you can't secure the routing system.
Fortunately, the RPKI work will address this, and some of the RIRs
are working on RPKI implementations now. If there are ways the IRRs
can be populated using this information and non-RPKI derived
updates can be considered less preferable (whatever that means),
then we can get to a better place with the IRRs as a stop gap until
a secure routing protocol can actually be deployed. However,
without that as a stepping stone, it's an awfully large leap from
RPKI directly into a secure inter-domain routing protocol.
-danny
