During Sandy's tutorial presentation today, the topics of RIB size and CPU workload estimation for BGPSEC came up. I was asked to post links to past IETF presentations where work on these topics was presented.
"RIB Size Estimation for BGPSEC" https://www.ietf.org/proceedings/81/slides/sidr-2.pdf (SIDR meeting, IETF-81) http://www.nist.gov/itl/antd/upload/BGPSEC_RIB_Estimation.pdf (a few more details here) (Note: The BGPSEC protocol I-D specifies ECDSA-P256 for signing updates. However, RSA-2048 is included and compared in this study because RSA-2048 was also considered for signing updates in the early phase of BGPSEC design.) "Estimating CPU Cost of BGPSEC on a Router" http://www.ietf.org/proceedings/83/slides/slides-83-sidr-7.pdf (SIDR meeting, IETF-83) http://ripe63.ripe.net/presentations/127-111102.ripe-crypto-cost.pdf (slightly different version presented at RIPE-63) Some other topics also came up for discussion during the tutorial such as consideration for route servers (note: current BGPSEC supports transparent route servers by setting pCount=0), update packing (i.e. multiple NLRI in an update) - not supported in BGPSEC, etc. Design discussions related to these and many other topics (such as consideration of peer groups, max PDU size, AS_SETs, etc.) are provided in the following document: "BGPSEC Design Choices and Summary of Supporting Discussions" http://tools.ietf.org/html/draft-sriram-bgpsec-design-choices-06 (NOTE: This design choices document pertains only to the individual 00-draft [I-D.lepinski-bgpsec-protocol-00] dated March 2011. The BGPSEC protocol has obviously gone through many changes since then. So please be careful to bear this in mind while looking at I-D.sriram-bgpsec-design-choices.) Sriram _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr