On Oct 23, 2012, at 6:08 PM, Robert Raszuk <[email protected]> wrote: > One thing to clarify ... > >> Finally, as to your comment that "replay of Adj_RIB_In would miss all of >> those prefixes which were subject to drop due to BGP Origin Validation", I >> don't know why you think this. In our implementation, it isn't true. > > Origin Validation is applied pre-inbound-policy - I think you agree with this. > > Assume that during the origin validation prefix received from the peer > is found as INVALID and marked as such. Subsequent inbound policy is > configured by the operator to drop INVALID rather then just to > deprefer or not consider those in the best path. > > I am afraid in the former policy configuration such prefix will never > go to Adj_RIB_In. In the latter case it will. > > Are you saying that in your implementation you do not allow to drop > INVALID prefixes on EBGP inbound policy ?
No, you can filter them out just like any other route. I'm saying that in our implementation, by default we retain filtered routes in our Adj-RIB-In but don't allow them to be selected for inclusion in the Loc-RIB. Also, if an implementation doesn't do this, it's a general issue and not specific to Origin Validation. The BMP draft does talk about this issue a little bit. --John _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
