> > Note that routers do not perform prefix origin validation (compute > > the validation state as defined in [I-D.ietf-sidr-pfx-validate]) > > for IBGP learnt routes. > > that is opposite of 6811 and running code > > When a BGP speaker receives an UPDATE from a neighbor, it SHOULD > perform a lookup as described above for each of the Routes in the > UPDATE message. The lookup SHOULD also be applied to routes that are > redistributed into BGP from another source, such as another protocol > or a locally defined static route. > > > In a network where all edge routers are capable and configured to > > perform prefix origin validation on EBGP learnt routes it should not > > be necessary to perform that function also on IBGP learnt routes > > internal router A has a nail-up for prefix P which it gates to ibgp. it > is not (yet) validation capable, so does not realize it was fat fingered > and does not own P. it announces ibgp to B, a border router within the > AS which is validation enabled. you want B to catch the fat finger and > not propagate it to a neighbor whose noc then calls you to tell you that > you have net bad breath. > > validation of routes locally originated and those heard via ibgp is good > sanitation.
Ack. Clearly it's out-of-sync with RFC 6811. Will issue another rev with this changeā¦ - Pradosh
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
