Hi, I am reading this RFC and I have a question about this paragraph (p19, Section 9): "Network administrators SHOULD NOT advertise prefixes with a nonempty AS path unless they intend to provide transit for these prefixes."
What about prefixes being originated by a network? IMHO, if the announcements for such prefixes are compliant with this requirement (i.e., AS path is empty as the prefixes are not transited but originated), there should be an issue with the previous requirement: "Network administrators SHOULD NOT accept prefixes when the first AS number in the AS path is not the one of the peer's unless the peering is done toward a BGP route server [17 <https://tools.ietf.org/html/rfc7454#ref-17>] (for example, on an IXP) with transparent AS path handling. In that case, this verification needs to be deactivated, as the first AS number will be the one of an IXP member, whereas the peer AS number will be the one of the BGP route server." Am I wrong? Did I miss something? Thanks in advance for your reply. Best regards, JMC.
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
