[c-nsp] RPKI extended-community RFC8097

Mark Tinka mark.tinka at seacom.com
Sat Dec 19 04:37:44 EST 2020



On 12/19/20 11:13, Robert Raszuk wrote:

> Jakob,
>
> It has been a while, but IIRC the original idea for the validation was 
> that regardless if this is done by configuration enabling pre-best 
> path eligibility or in route map no path will be dropped. At no point 
> in the BGP design discussions there was a plan to automatically do any 
> of this. So your REFRESH story or soft-in alternative sound like the 
> original plan has somehow changed.
>
> See even if you validate in route map you may just mark it 
> not-eligible or set higher local pref for VALID etc .... I am not sure 
> how anyone could come with the idea to just drop there.
>
> So IMHO there is nothing wrong with specification.
>
> It is suboptimal implementation or configuration which needs to be 
> fixed. It beats me why it is taking so long ...

Absolutely!

The spec. is clear on nodes only performing validation at the behest of 
the operator, and never automatically or inherently.

This is a Cisco-specific issue, and either a mis-interpretation of the 
RFC, or a workaround to the impact of the spec. on their implementation.

Mark.


More information about the cisco-nsp mailing list