> Hi Doug, > > Actually I am not that concerned what spec will recommend for the > operator to do. I am more concerned what should be the router's default? NO change to current rules!
> Considering the example below should it be: To prefer signed longer path > versus unsigned shorter ? leave it entirely to operator to define policy for mapping signed/unsigned/ recieved from friend/received from foe/etc. onto the attribute set used in the path selection algorithm > Specifically I am asking - where does the signed vs unsigned decision > step inserts itself into today's BGP best path decision ? at exactly the same point where the not well known community attributes are used (i.e. NOT in the scope of the standrad bgp path selection algorithm) > Should it be complete haos by allowing full freedom for local operator's > configuration ? Should the default be "Do not care" if this is signed or > unsigned ... just run your BGP best path as today ? don't interfere with whatever chaos (you think) the operator is working with. Just provide the operator with trustworthy information and do not force any nanny on him to help... This does not preclude offering cookbook recipes and providing advice on healthy or unhealthy (e.g. opening opportunities for downgrade attacks...) ways of preparation... Some may feel that offering ways of more flexible or granular decision criteria in the path selection algorithm would be helpful, but that quite certainly should be considered and provided from a more general point of view (as extension in IDR) rather than being a special purpose extension for AS path authenticity. Ruediger _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
