[c-nsp] RPKI extended-community RFC8097
Saku Ytti
saku at ytti.fi
Sat Dec 19 07:56:31 EST 2020
On Sat, 19 Dec 2020 at 13:45, Lukas Tribus <lukas at ltri.eu> wrote:
> soft-reconfig inbound always amounts to 100 MB of memory consumption
> for a v4 + v6 full feed as of last week on 32-bit XR. I can live with
> 100MB of memory consumption per full feed, so I'm doing soft-reconfig
> inbound always everywhere. This also helps with troubleshooting.
It is also DRAM exhaustion attack vector. But of course routers are
extremely fragile and anyone motivated can easily bring them down by
plethora of methods. Even with max-prefix it may be, as max-prefix may
mean before or after policy count, depending on platform and
configuration toggle.
--
++ytti
More information about the cisco-nsp
mailing list