Dear Alexander, others, On Tue, Jul 26, 2022 at 04:14:36PM +0300, Alexander Azimov wrote: > The current version of the draft follows the wording from > draft-ietf-idr-deprecate-as-set-confed-set > > BGP speakers conforming to this document (i.e., conformant BGP > speakers) MUST NOT locally generate BGP UPDATE messages containing > AS_SET or AS_CONFED_SET. Conformant BGP speakers SHOULD NOT send BGP > UPDATE messages containing AS_SET or AS_CONFED_SET. Upon receipt of > such messages, conformant BGP speakers SHOULD use the "Treat-as- > withdraw" error handling behavior as per [RFC7606 > <https://datatracker.ietf.org/doc/html/rfc7606>]. > > > As you can see, it uses 'SHOULD'. And this was the reason to have an > additional 'Unverifiable' state, because the 'Invalid' routes MUST be > rejected.
Ultimately it is up to network operators whether they deploy routing policy that reject ASPA-Invalid routes. What's important here is to mark routes that contain an AS_SET in the AS_PATH as 'Invalid' when performing ASPA verification. > If the WG agrees to change normalative language from 'SHOULD' to > 'MUST', the ASPA document will follow. I don't see that dependency; however there seems to be good consensus to remove the "Unverifiable" state from the Internet-Draft and instead mark routes as "Invalid" if an AS_SET is encountered anywhere in the AS_PATH. Kind regards, Job _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
