Once you've built the validator cache we need to look about how we might deploy these now with one validator cache available for the entire network the routers end up speaking just to the one cache if that cache goes away the routers no longer have a means to check the validation of prefixes so our advice would be to deploy at least two valid data caches you won't want to put these in the same equipment rack you won't want them in the same point of presence it'd be much better to have them geographically diverse Lee located in different cities different towns depending on the extent of your network also consider two different validator cache implementations because this gives software independence with just one implementation you end up being tied to the foibles or the bugs of that particular implementation I'm probably the easy way of doing this is to implement on a Linux container so the container can be moved between different server clusters as required Thank You van the Internet today is migrating to dual stack operation where we're using both ipv4 and ipv6 I would advise to configure the validator to listen on both ipv4 and ipv6 and then configure the routers that need it with both ipv4 and ipv6 validator connections so in the case of ipv4 breaking you still have validation information over ipv6 and vice versa another common question is about how we secure the validator and that's best achieved but only permitting the routers running ebgp to have access to the validators otherwise the standard rules of securing small containers or services would apply.
© Produced by Philip Smith and the Network Startup Resource Center, through the University of Oregon.
Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)
This is a human-readable summary of (and not a substitute for) the license. Disclaimer. You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material The licensor cannot revoke these freedoms as long as you follow the license terms. Under the following terms: Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.