sandy asked so i investigated. bgp has an origin atttribute. it looks as if we need to protect it.
the origin attribute may have three values, unspecified igp egp supposedly denoting from where the route was injected into bgp. jeff haas has a better memory than i, and noted that the key is that 'egp' does not mean an abstract egp, but the old egp protocol which was classful and aggregated. if it aggregated, you had to be careful that this did not suddenly hide things and ignorance thereof could open you up to loops. so the origin attribute was added. but it is in the bgp decision process. it is prettly low down, but could be used for traffic engineering or other, less nice, influencing of the decision process. hence, bgpsec should probably should protect it. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
