[DBWG] AFRINIC RPKI RRDP connectivity issues?
Job Snijders
job at fastly.com
Tue May 30 20:33:55 UTC 2023
Dear Michel, AfriNIC NOC team, working group,
I'd like to share positive news and express appreciation.
On Mon, May 29, 2023 at 06:46:40PM +0400, Michel ODOU wrote:
> Regarding the issue of the slow download speed on the v4, please note
> that we have a bandwidth constraint on a router, which affects the
> RRDP.
Aye, congestion is unfortunate, and can happen to anyone.
> 1. As short-term fix, disabling the RRDP is something we have considered
> (actually we tried serving HTTP 204 instead of 404) but we need to schedule
> a window where RRDP will fall back to rsync - this must be announced on our
> status page. We will do this tomorrow and based on the traffic, we shall
> decide on the way forward.
Based on https://status.afrinic.net/notices/dkpzrtgqzftlclyg-rrdp-service-degradation
and my log files I see that RRDP has been disabled. The action of
disablement appears to have significantly improved the world's ability
to synchronize to the AfriNIC RPKI repositories. This means that ROAs
and revocations now are distributed to the world in a timely fashion.
Having performed some measurements, I note that initial synchronization
(with a cold cache) now only takes ~ 17 seconds (down from 30+ minutes)
and subsequent resyncing takes ~ 6 seconds. This is really good,
especially at 182 ms latency from where I'm sitting.
All in all this is an incredible improvement. I'm very happy to see that
the actions taken by the AfriNIC NOC have made the situation better for
everyone in the global Internet routing community. I very much
appreciate these restorative actions, especially since it might seem
very counter-intuitive that making RRDP unavailable actually helps
restore the end-to-end availability and functioning of a system.
I think there are lessons to be learned here about the design of RRDP.
I've shared some observations and recommendations with the IETF SIDROPS
working group should a RRDP v2 project start:
https://mailarchive.ietf.org/arch/msg/sidrops/s70Z3EOJX5TcRYKbNA6axbK_Tuo/
For me the biggest lesson is that the RRDP v1 protocol has significant
overhead and that improving the compressability and reducing the
overhead might help prevent future congestion events by making better
use of the resources available to everyone.
Thanks all!
Kind regards,
Job
More information about the DBWG
mailing list