Slashdot videos: Now with more Slashdot!
If somebody's fresh out of the military, then they're not even considered.
Not sure if you are aware of this, but veteran status is a protected class in the US. This type of discrimination is not easy to prove though, so I'd be careful what emails you send concerning a candidate's military background.
No one router has a "full table" of all the routes. The routing protocols and the engineers work to make sure the tables are as close to lean as possible.
Just about all ISPs and backbone carriers carry full tables and many large organisations do as well for multihoming purposes. Global BGP tables are currently around 513,191 routes and this is what facilitated the issues mentioned in the article. One ISP made a mistake and started advertising more specific prefixes for blocks that were already summarized and this pushed the number of global routes beyond the limits of some older hardware. I would suggest reading about the Default Free Zone.
Your offered solution isn't necessary.
LISP is not something that I invented, it's something the IETF is working on to solve a perceived problem.(RFC6830) Some IETF contributors came to the conclusion the Internet routing system was not scaling well with the "explosive growth of new sites" and multihoming that many organisations now do. Problem Statement From all indications, the growth of the Internet does not appear to be slowing down, but accelerating. It seems like a prudent choice to evaluate different ideas as possible solutions to the issue of Internet scalability.
Your bitcoinesque solution for IPv6 allocation would make things worse.
It seemed like a technical solution to avoid the politics of Internet governance. I admit it wasn't well thought out, however I am curious how it would make things worse by allowing a small block of IPv6 addresses to be allocated in a decentralized way and adding cryptographic integrity along the way.
Plus, networks transit other networks all the time, meaning one network can advertise a prefix they don't own, legitimately.
I should have been more specific; I was suggesting originating advertisements would be signed as opposed to transient advertisements.
Routers that speak BGP are on the ISP and backbone level,
Medium to large organisations also use BGP to advertise their address space to their ISP(s).
and are physically secured.
Originating BGP route advertisement signing is not intended to supplant physical security measures.
Your home router doesn't speak BGP, and if it did, your ISP's router would ignore it.
None of this would really be necessary for a home user as their ISP would be doing all of this on their behalf.
To announce rogue routes, one needs to hack into the ISP and backbone peering routers -- which happened recently, but is rare.
To announce rogue routes, one only needs an ISP that doesn't filter incoming BGP advertisements properly. It seems apparent as the Internet grows there will be more and more BGP peerings and as a consequence of that not all of them will be competent or aboveboard with their implementations.
The Resource Public Key Infrastructure (RPKI) is a step in the right direction, however seems to be mainly for preventing mis-configurations from causing outages. Someone with malicious intent need only use AS path prepending to bypass this protection.
LISP is supposed to help with routing table exaustion and keep the global routing tables lean. It does this with a distributed database to basically map out endpoints and create tunnels around the internet. This is so no one router on the internet needs to have a full table.
In the short term for backwards compatibility, endpoints will be identified with IPv4 or IPv6 addresses, but it seems to work with any unique ID, like a serial number or GPS coordinate.
Locator/Identifier Separation Protocol (LISP)
My additional two cents...
I realize I'm risking any credibility I might have by mentioning anything related to bitcoin, but I think it's an interesting idea worth stating. Although I don't have any interest in using bitcoins as a currency, I think the underlying technology is interesting and could be useful in other applications.
The idea is for organisations to "mine" for their IPv6 allocation. They can then use their "wallet" to sign their BGP advertisements so that their peers can be certain (for various values of certain) they own that prefix. This also has the effect of decentralizing the allocation of resources, and considering the vastness of the address space of IPv6, it would be a waste of time for anyone to attempt to mine all of it and hoard it.
Short of being possessed by satan, I see no good reason to tie a second grader to a desk.
Semi-first world countries? Just goes to show how out of touch Americans really are with the rest of the world.
quite a few Americans
Responding to a gross generalization with another is not cool. There are some of us here that see the light, but obviously are not the ones in charge.