
Re: Last Call: 'Key Change Strategies for TCP-MD5' to Informational RFC (draft-bellovin-keyroll2385)

2006-10-03 11:41:05

On 3-Oct-2006, at 14:17, Iljitsch van Beijnum wrote:

> Well, my experience is pretty much the opposite: in the commercial ISP world here in Europe, key changes are rare.

ISC has deployed (I think) almost 40 nodes of F now across six continents, and there's peering at pretty much all of those locations. That adds up to a fair number of sessions.

Those who look after those nodes now on a daily basis might report different recent experience, but when I was doing that work I don't believe I ever saw a request from a peer to change a key on a working session.

So, your experience in Europe matches my experience in Europe, Asia, North America, South America, Australasia and Africa.

Having said that, I certainly support the idea that changing keys is a good idea, so long as people continue to use the TCP MD5 option on their BGP sessions. Mechanisms to make it easier to change keys are surely a good idea in that context.

Whether or not the TCP MD5 option is worth using at all is a different question.


Joe

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf