[c-nsp] FIB scale on ASR9001
Saku Ytti
saku at ytti.fi
Sat Nov 13 10:20:39 EST 2021
On Sat, 13 Nov 2021 at 13:48, Mark Tinka <mark at tinka.africa> wrote:
>
> So some friends and I are working on an RFC draft to fix this:
>
> https://datatracker.ietf.org/doc/html/draft-ymbk-sidrops-rov-no-rr
>
> Comments and contributions are most welcome.
I chose my words carefully when I said 'RPKI rejects', instead of 'invalid'.
The problem only cursorily relates to a specific RPKI validation
state. We may reject RPKI 'unknown', we may even imagine policies
which reject based on some criteria AND RPKI 'valid' (maybe I have my
own motivations for how I use VRP and want to capitalise on all three
states arbitrarily, maybe I'm rejecting valids, because I'm collecting
invalids to some separate RIB for research purposes).
That is:
soft-reconfiguration inbound never # don't keep anything
soft-reconfiguration inbound rpki ## default, keep if policy
rejected route while using validation database state (may have used
something else, but as long as reject policy used validation state,
regardless of state, we need to keep it).
--
++ytti
More information about the cisco-nsp
mailing list