[161550] in North American Network Operators' Group
Re: [c-nsp] DNS amplification
daemon@ATHENA.MIT.EDU (David Conrad)
Tue Mar 19 15:24:47 2013
From: David Conrad <drc@virtualized.org>
In-Reply-To: <20130319185706.GB58609@ussenterprise.ufp.org>
Date: Tue, 19 Mar 2013 12:24:34 -0700
To: Leo Bicknell <bicknell@ufp.org>
Cc: "nanog@nanog.org Group" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Leo,
On Mar 19, 2013, at 11:57 AM, Leo Bicknell <bicknell@ufp.org> wrote:
> In a message written on Tue, Mar 19, 2013 at 11:33:33AM -0700, David Conrad wrote:
>> LISP doesn't replace BGP. It merely adds a layer of indirection so you don't have to propagate identity information along with routing topology, allowing much greater aggregation.
> The problem with LISP is that when the complexity of the entire
> system is taken into account it is not significantly more efficient
> than the current system.
When was the last time you (as a network operator) cared about the efficiency of the entire system?
LISP (and similar) systems are inherently more complex because they're adding a new element to the network -- TANSTAAFL. The point is that the complexity is added at the edge where it is easy/cheap (per node or site). Yes, entire system complexity goes up. However from the perspective of the core where life is fast/expensive, complexity goes down since identity is separated from location.
> A LISP network is a similar model, with LISP nodes caching rather than linecards.
You're comparing the equivalent of a DNS lookup with a FIB lookup. Yes, there is a performance hit when you do the mapping of identity to location (TANSTAAFL), however this is at the edge in the millisecond DRAM-stored connection initiation world, not in the core in the nanosecond SRAM-stored packet forwarding world.
Regards,
-drc