On Mon, Feb 09, 2015 at 02:55:48PM -0600, Bill Armstrong wrote: > To make sure I have consensus on the proposed additions: > > 1. "Special use communities" - should this section only cover the > concept and provide examples of how their used?
Most prevalent blackhole community is ASN:666, so i'd drop the :999 reference. For "inbound marking", the major trend I see is that providers attach multiple communities to a prefixes learned somewhere in the network: one or more for locality (one for region another for country), one for type of relation (customer / peer / upstream / etc), maybe a third to designate the product (region versus global etc). The BCOP is to color a prefix with multiple communities rather the overloading a single one. In "Choose a IRR database" i'd add that if you have space which is mananged by either RIPE, APNIC or AfriNIC you register the route objects in the registry each respective RIR offers. There is a security advantage to be gained if you register in the registry which is authorive for the space you use. > 2. BGP Session Security - a mention of conformance with rfc5082 was > also presented, and it I think it makes sense to add, does everyone > agree? 2a. Along those lines is there agreement that the document > should have a section covering basic BGP security considerations? Does anybody use or offer 5082 today, in practise? > 3. Prefix Length Integrity - The idea of identifying a maximum prefix > lengths for both customers and ISPs to accept as well as a potential > for a better defined interpretation of Strict\Loose prefix handling. > ie. Loose = the /24(ipv4) and /48(ipv6). Strict = using the RIR > minimal allocation as the limit. I can only speak for myself: if a customer registers up to a /30 as route object, I'd accept the prefix. If the customer registers a /24 or smaller, I'd accept up to a /24. Anything larger then a /24 I would not propagate to peers or other customers. Kind regards, Job _______________________________________________ BCOP mailing list [email protected] http://mailman.nanog.org/mailman/listinfo/bcop
