[j-nsp] rfc8097 (rpki) communities ?
job at instituut.net
Tue Mar 5 02:04:00 EST 2019
On Thu, Feb 28, 2019 at 04:17:19PM +0300, Alexandre Snarskii wrote:
> Somewhat stupid question: while experimenting with rpki, I found that
> while rfc8097 declares origin validation state as extended community
> (0x4300:0.0.0.0:N in juniper configuration terms), Juniper documentation
> uses standard communities 0x4300:N for this purpose:
I suspect this is a documentation bug, they probably meant to use
'arbitrary extended community' syntax.
> Question: is it just a bit outdated documentaton and I shall follow
> RFC and use extended communities, or there are some other reasons to
> use standard ones ?
The "0x4300:1" syntax squats on AS 17152's community space, so that's
I think a nice feature of the RFC 8097 communities is that they aren't
transitive, and you can reference the RFC for the documentation aspect
of assigning those communities.
More information about the juniper-nsp