On 3/29/2012 3:58 AM, Jakob Heitz wrote:
Any place that does not receive a new BGP update can not be helped. Even with a beacon.
Just to be clear, the explicit expire time approach to freshness does work to age-out updates along a update path that is no longer bgp-reachable from the origin. It is the only technique that will help all withdrawl suppression, etc scenarios.
That is a slightly different point than this thread (how to indicate that a router has updated RPKI state). But if you were doing origin beacons like the -01 draft, you may not need to do this.
Actually from the belt-and-suspenders approach discussed yesterday (combining coarse beaconing with pre-staging two rtr keys and doing faster paced roll) ... what we need to do is expedite / trigger CRL retrievalal / processing (of router old key).
The important part of a key roll, is invalidating the old key. We can't pre-stage the CRL, so while we can move to the new key at the speed of BGP convergence, we can only revoke the old key at the speed of RPKI publication, data distribution, and cache-to-rtr.
Frankly if we limited the granularity of the beacon to days, I suspect that will be faster than the global CRL pipeline.
dougm
Therefore, a freshness indicator in the BGP update itself is enough to invalidate less fresh updates. Only freshen the BGP update when you actually have a dispute with your old provider. -- Jakob Heitz. On Mar 29, 2012, at 9:51 AM, "Jakob Heitz" <jakob.he...@ericsson.com> wrote: > Could we not put a freshness indication into the BGP update? Then > everyone that receives the new update would know to invalidate the > less fresh paths. > > Here is the key point: The new update will reach everywhere that it > needs to go. Won't it? > > No expiry time needed. > > -- Jakob Heitz. _______________________________________________ > sidr mailing list sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
