[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
do not filter your customers
On Fri, Feb 24, 2012 at 3:59 PM, Leo Bicknell <bicknell at ufp.org> wrote:
> In a message written on Fri, Feb 24, 2012 at 01:04:20PM -0700, Shane Amante wrote:
>> Solving for route leaks is /the/ "killer app" for BGPSEC. ?I can't understand why people keep ignoring this.
>
> Not all "leaks" are bad.
>
> I remember when there was that undersea landside in Asia that took
> out a bunch of undersea cables. ?Various providers quickly did
> mutual transit and other arrangements to route around the problem,
> getting a number of things back up quite quickly. ?These did not
> match IRR records though, and likely would not have matached BGPSEC
> information, at least not initially.
well.... for bgpsec so if the paths were signed, and origins signed,
why would they NOT pass BGPSEC muster?
I can see that if the IRR data didn't match up sanely
prefix-lists/filters would need some cajoling, but that likely
happened anyway in this case.
-chris