Hi,
On Fri, Dec 07, 2018 at 05:03:03PM -0600, Nico Williams wrote:
> What I meant is that I don't understand why resetting a connection
> should still cause routes to flap. Instead I'd expect session
> management negotiation to determine whether the thing that failed (e.g.,
> a BGP daemon) implies that the routes are gone or not. Then RST
> injection would not be a problem. You'd still need integrity
> protection, but then that could always have been done with TLS.
We do have BGP graceful restart. Which just causes a bit of CPU load
on both ends while they walk multiple millions of VPNv4 routes to
reestablish common state.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Attachment:
signature.asc
Description: PGP signature
