Cough! On Fri, 20 Dec 2002, batz wrote:
On Fri, 20 Dec 2002, David Lesher wrote:
:[This just jumped into the operational arena. Are you prepared :with the router port for John Poindexter's vacuum? What changes :will you need to make? What will they cost? Who will pay?]
There is a really easy way to accomplish this, and it has been apparently partially implemented within UUNet as an overlaid network of GRE tunnels for a few years, at least based on a Nanog presentaton from October 1999.
This is incorrect, this isn't implemented, its not implementable, current routing gear doesn't gre tunnel a) fast enough, b) at all.... HOWEVER, juniper will allow you to copy packets on an interface in 5.5 or perhaps a bit later code, this is one way to implement this... however having a new oc-X for each oc-X you wanna monitor. I wonder if there is a limit to the amount of fiber the OCS/NCS/NPIC wants to monitor?
This can be accomplished quite cost effectively, provided the government doesn't want to archive *everything*.
even if the gre tunnel (Center Track (c) Robert Stone, et al.) idea worked right and scaled correctly things would still be 'expensive'... to monitor/maintain/manage.
I keep mentioning this, and for some reason few people seem to recognize how profoundly simple it would be for the government to legislate themselves into exchange points and have the authority to announce certain prefixes to the IX, tunnel the traffic of the affected route into their own network, and monitor it without ever showing up in a traceroute.
Sure, or they could ask carriers to tap lines for them silently... in fact they can do that today with a court order. -Chris