[146286] in North American Network Operators' Group
Re: where was my white knight....
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Tue Nov 8 16:22:59 2011
In-Reply-To: <4eb971e6.11fc960a.4e29.3c18SMTPIN_ADDED@mx.google.com>
Date: Tue, 8 Nov 2011 16:22:48 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: bmanning@vacation.karoshi.com
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Nov 8, 2011 at 1:14 PM, <bmanning@vacation.karoshi.com> wrote:
>
> =A0that was/is kindof orthoginal to the question... would the sidr plan
> for routing security have been a help in this event? =A0nice to know
> unsecured IPv6 took some of the load when the unsecured IPv4 path
> failed.
>
if all routing goes boom, would secure routing have saved you?
no... all routing went boom.
> =A0the answer seems to be NO, it would not have helped and would have act=
ually
> contributed to network instability with large numbers of validation reque=
sts
> sent to the sidr/ca nodes.
I think actually it wouldn't have caused more validation requests, the
routers have (in some form of the plan) a cache from their local
cache, they use this for origin validation... there's not a
requirement to refresh up the entire chain. (I think).
-chris
>
> /bill
>
> On Tue, Nov 08, 2011 at 10:01:04AM -0800, Mike Leber wrote:
>>
>> We saw an increase in IPv6 traffic which correlated time wise with the
>> onset of this IPv4 incident.
>>
>> Happy eyeballs in action, automatically shifting what it could.
>>
>> Mike.
>>
>> On 11/8/11 2:56 AM, bmanning@vacation.karoshi.com wrote:
>> >how would a sidr-enabled routing infrastructure have fared in yesterday=
s
>> >routing circus?
>> >
>> >/bill
>> >
>
>
