[81066] in North American Network Operators' Group
Re: soBGP deployment
daemon@ATHENA.MIT.EDU (Tony Li)
Wed May 25 01:14:52 2005
Date: Tue, 24 May 2005 22:14:09 -0700
From: Tony Li <tony.li@tony.li>
To: Randy Bush <randy@psg.com>
Cc: Geoff Huston <cidr-report@potaroo.net>,
Bill Manning <bmanning@ep.net>, nanog@nanog.org
In-Reply-To: <17043.26506.930512.257281@roam.psg.com>
Errors-To: owner-nanog@merit.edu
Randy,
> wrong. as deployment will be expensive and long, we will have one chance to
> deploy. so need a serious solution set for what we have to consider to be a
> very serious attack model. plan for attacks against the routing system as
> smart, well-researched, constant, ... as the best we see against ssh, htt,
> ... today.
Baloney.
Deployment need not be expensive or long. And updates and enhancements
need not be expensive or long either. Updates can be enabled on a
per-BGP peer basis and thru careful use of capability bits can be nearly
automatic.
We need to decide what we are going to do, we need to code it, test it
and field it. I seem to recall that in the good old days we did this in
the space of a year.
Tony
