[189011] in North American Network Operators' Group


Re: Friday's Random Comment - About: Arista and FIB/RIB's

daemon@ATHENA.MIT.EDU (Saku Ytti)
Sat Apr 30 11:14:34 2016

X-Original-To: nanog@nanog.org
In-Reply-To: <5723C32A.1010008@foobar.org>
Date: Sat, 30 Apr 2016 08:12:26 -0700
From: Saku Ytti <saku@ytti.fi>
To: Nick Hilliard <nick@foobar.org>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 29 April 2016 at 13:25, Nick Hilliard <nick@foobar.org> wrote:
>> The more paths you receive from different sources, the more likely it
>> is that this list of 120k "superfluous" prefixes will converge
>> towards zero.
>
> Agreed that small numbers of paths are most unlikely to create the
> conditions for this problem to occur.

If these compression schemes are implemented, and our compressed count
is near the limit of hardware, it creates an interesting new attack
vector for attackers. Pump carefully crafted updates to global table
and watch networks melt.

I think compression makes more sense in controlled environments, but
controlled environments with large scale are likely to be exact
matches (i.e. a bunch of host routes) not LPM anyhow. I'm not optimistic
about the technology.


-- 
  ++ytti
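
Added example, not part of the original message and not any vendor's algorithm: a capacity check that flags a FIB which fits in hardware only because it compresses well. The aggregation rules, the helper names, the sample prefixes and the hardware limit of 4 entries are all assumptions constructed for illustration.

```python
import ipaddress

def covering_next_hop(fib, prefix):
    """Next hop of the nearest less-specific route covering `prefix`, or None."""
    while prefix.prefixlen > 0:
        prefix = prefix.supernet()
        if prefix in fib:
            return fib[prefix]
    return None

def compress(fib):
    """Forwarding-equivalent aggregation of {ip_network: next_hop} (illustrative)."""
    fib = dict(fib)
    changed = True
    while changed:
        changed = False
        for p in sorted(fib, key=lambda n: -n.prefixlen):
            if p not in fib or p.prefixlen == 0:
                continue
            nh, parent = fib[p], p.supernet()
            sibling = next(s for s in parent.subnets() if s != p)
            if fib.get(sibling) == nh:
                # Both halves share a next hop: one parent entry replaces two.
                del fib[p], fib[sibling]
                fib[parent] = nh
                changed = True
            elif covering_next_hop(fib, p) == nh:
                # More-specific duplicates its covering route: drop it.
                del fib[p]
                changed = True
    return fib

def headroom(fib, hw_limit):
    """Report whether the table fits, and whether it fits only when compressed."""
    raw, packed = len(fib), len(compress(fib))
    return {"raw": raw, "compressed": packed,
            "fits_compressed": packed <= hw_limit,
            "depends_on_compression": raw > hw_limit >= packed}

# Constructed sample: eight /27s from a documentation range.
NETS = list(ipaddress.ip_network("192.0.2.0/24").subnets(new_prefix=27))
UNIFORM = {n: "A" for n in NETS}                        # one next hop everywhere
DIVERGED = {n: "AB"[i % 2] for i, n in enumerate(NETS)}  # same prefixes, next hops differ

if __name__ == "__main__":
    for name, fib in (("uniform", UNIFORM), ("diverged", DIVERGED)):
        print(name, headroom(fib, hw_limit=4))
```

Both tables hold the same prefixes; only the next hops differ, so a device flagged `depends_on_compression` has no safety margin that it controls, and sizing against the `raw` count avoids that dependency.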
