On Sep 6, 2013 10:06 PM, "Noel Chiappa" <jnc@xxxxxxxxxxxxxxxxxxx> wrote:
>
> > From: Scott Brim <scott.brim@xxxxxxxxx>
>
> > LISP does nothing for decentralization. Traffic still flows
> > hierarchically
>
> Umm, no. In fact, one of LISP's architectural scaling issues is that it's
> non-hierarchical, so xTRs have neighbour fanouts that are much larger than
> typical packet switches. In basic unicast mode, any xTR is always a direct
> neighbour to any other xTR; no xTR (in basic unicast mode, at least) ever goes
> _through_ another xTR to get to a third xTR. All LISP basic unicast paths
> always include exactly two xTRs.
> The actual detailed paths do mimic the underlying network, of course: if the
> network is hierarchical, the paths will be hierarchical, but if the network
> were flat, the paths would be flat. (Or is that what you meant?)
Yup. The encapsulation is not much of an obstacle to packet examination.
> > you add the mapping system which is naturally hierarchical and another
> > vulnerability.
>
> No more so than DNS; they are exactly parallel in their functional design.
Yes but DNS vulnerabilities have been covered elsewhere.
Cheers... Scott