undefined | Better HN

0 pointsbenjojo124y ago0 comments

(Keeping in mind that replacing BGP is similar hard-ness as replacing SMTP, and thus, might not be worth it)

Honestly, the issue that exists with BGP is not the protocol. The issue is attached to trust, and there is not a instantly fixable problem with a different protocol.

One issue with the internet as a whole is that seemingly simple questions are actually hard, The one is slowly being fixed with RPKI is "Who actually owns this IP address", knowing this we can build better filters against direct (origin AS != owner AS) hijacks.

However the next question that has no solution for is "Who is allowed to carry this route/transit this data?" -- This is going to be unbelievably hard to solve with certainty, There is question that maybe a PKI solution could be deployed (BGPSEC). However you also will hit the next issue.

The bgp table is massive. 1M+ routes that is stored on machines with reasonably long lifetimes. It does not help that in terms of computing power these machines are in general very slow. A multi TBit/s router may only have a 2014 era laptop CPU powering it. So computing anything 1M times quickly is a massive ask, and when links go down, it is reasonable have fast recompute/reconvergance times.

Fixing bgp is not a easy issue. Anyone who is telling you so is either fraudulent or does not understand the sheer scale/scope of the issues attached to the protocol.

0 comments

convolvatron4y ago

it is if you relax the constraint that the providers keep the legacy allocations and can advertise whatever the hell they want

Steve Deering had a really nice proposal on geographic addressing that would make pki sufficiently performant by using hierarchical assignments

makeworld4y ago

Have you seen Yggdrasil? It provides an alternate routing idea, among other things.

https://yggdrasil-network.github.io/

j / k navigate · click thread line to collapse