Hello Jac,
> I'm working on setting up a routing policy based upon origin validation. > Having read the http://datatracker.ietf.org/doc/draft-ietf-sidr-origin-ops/ > draft I got confused. > > I've attached a ppt trying to make my problem clear. Am I making a thinking > error here or doesn't it make any sense changing preference for valids and > unknowns? Couple of points. 1) You are right that for the same destination prefix on the same router, the validation state for the paths will be either _all_ [NotFound] or _all_ from the list [Valid, Invalid]. This is based on the availability of the ROA on that router. 2) That said, it is still a good practice to set preference based on each validation state because of the distributed nature of the network (the ROA database on all routers in an AS will not be consistent) and because of incremental deployment of origin validation. Think of the following simple topology: R2 R1 R3 Suppose the same destination prefix 'p' is received on both R2 and R3. 'p' may not be present on R2's ROA database, making it 'NotFound'. At the same time, 'p' is present on R3's ROA database, making it 'Valid'. You would want to set the preference correctly through your routing policy so that R1 prefers R3 (assume R1 does not yet support origin validation). - Pradosh _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
