Let's observe that mangling with AS_PATH is usually done for a reason ..
to achieve reachability to some set of prefixes which otherwise would be
dropped.
So with this in mind a better question to think about from customer
perspective is to choose either:
- unsecure but reachable Internet destinations
- secure Internet routing but unreachable destinations
Rgs,
R.
PS. I believe I have a solution to address both sides. Let me write it
up and share in a week or two.
This leaves me feeling a little more sanguine about the
drop-the-AS_PATH idea, although I still think some more attention to
enumerating what knobs will fall by the wayside is advisable.
as folk keep inventing new knobs, one question would seem to be whether
the knob inventors will understand and accept the trust/threat model
implications of knobs which force downgrade to non-sec.
randy
_______________________________________________
Idr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/idr
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
