[134432] in North American Network Operators' Group
Re: ARIN and the RPKI (was Re: AltDB?)
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Wed Jan 5 23:37:50 2011
In-Reply-To: <DBC5E673-FF6B-4C51-A3B0-03F8580BB744@arbor.net>
Date: Wed, 5 Jan 2011 23:36:25 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: "Dobbins, Roland" <rdobbins@arbor.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Jan 5, 2011 at 11:30 PM, Dobbins, Roland <rdobbins@arbor.net> wrote=
:
>
> On Jan 6, 2011, at 11:16 AM, Randy Bush wrote:
>
>> actually, the formal rpki-based origin-validation stuff is measured to t=
ake *less* cpu, a lot less, than ACLs
>
> On the platforms which really matter in terms of rPKI, ACLs are handled i=
n hardware, so this is pretty much a wash.
I think ACLs here means prefix-lists ... or I hope that's what Randy
meant? (prefix-lists are still, I believe, handled in the router CPU,
and the normal router OS not in hardware)
> Concur on all the other points, however.
>
cool, thanks!
-chris
> ------------------------------------------------------------------------
> Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
>
> Most software today is very much like an Egyptian pyramid, with millions
> of bricks piled on top of each other, with no structural integrity, but
> just done by brute force and thousands of slaves.
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0-- Alan Kay
>
>
>
