[c-nsp] DNS amplification

In a message written on Tue, Mar 19, 2013 at 11:33:33AM -0700, David Conrad wrote:
> LISP doesn't replace BGP. It merely adds a layer of indirection so you don't have to propagate identity information along with routing topology, allowing much greater aggregation.

The problem with LISP is that when the complexity of the entire
system is taken into account it is not significantly more efficient
than the current system.  Even if it works perfectly, it makes no
economic sense to spend the time and money to swap out the current
system for something with approximately the same scaling properties
and costs going forward.  Any replacement would probably have to
be an order of magnitude better at least to justify the pain of

LISP also has some potential downsides at Internet scale.  Those
who remember the 7500 platform when caching was the rage know what
happens when you have to flush the cache for example.  A LISP network
is a similar model, with LISP nodes caching rather than linecards.
There is potential for distributed ugliness.

However, the LISP folks made a rather smart course correction in
my opinion, and one I never would have thought to make.  The LISP
testbed network proved that LISP was a nice way to overlay an
arbitrary topology on top of the existing Internet.  Compared to
many other "VPN" solutions it has a lot of nice properties.  Some
folks are now using LISP to network a collection of sites using
commodity internet access making very resilient topologies quickly
and easily.  I suspect LISP may find a very productive niche.

       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
