Sriram, Kotikalapudi (Fed) wrote: > The common source ASN checking is performed on BGP updates > in the control plane (not in the data path), and that results in > adding some additional allowed prefixes (for particular interfaces) to the > Reverse Path Filter (RPF) list for SAV. I don't think this would result in > other validation mechanisms which aren't available in the forwarding engine. > The data plane would perform the usual uRPF check: Does the SA in the data > packet > belong in a prefix in the RPF list for the interface it was received on? > So there shouldn't be any requirement to punt data packets.
right, ok - I misunderstood. So you're suggesting that the control plane correlates asns to interfaces and does something like creating a higher cost alternative path out each candidate source interface (based on ASN, as determined in the control plane) to allow the urpf mechanism handle this using its normal lookup method? Nick _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
