On Tue, 08 Nov 2011 20:51:00 GMT, Nick Hilliard said:
> I understand what the manual says (actually, I read it). I'm just curious as to how this is going to work in real life. Let's say you have a router cold boot with a bunch of ibgp peers, a transit or two and an rpki cache which is located on a non-connected network
Anybody who puts their rpki cache someplace that isn't accessible until they get the rpki initialized gets what they deserve. Once you realize this, the rest of the "what do we do for routing until it comes up" concern trolling in the rest of that paragraph becomes pretty easy to sort out...
> You could argue to have a local cache in every pop but may not be feasible either - a cache will require storage with a high write life-cycle (i.e. forget about using lots of types of flash), and you cannot be guaranteed that this is going to be available on a router.
Caching just enough to validate the routes you need to get to a more capable rpki server shouldn't have a high write life-cycle. Heck, you could just manually configure a host route pointing to the rpki server... And it would hardly be the first time that people have been unable to deploy feature XYZ because it wouldn't fit in the flash on older boxes still in production.