[j-nsp] Please push Juniper to implement RFC6907

Jared Mauch jared at puck.nether.net
Wed Oct 2 09:56:58 EDT 2019



> On Oct 2, 2019, at 12:37 AM, Weber, Markus <Markus.Weber at kpn.de> wrote:
> 
> Melchior Aelmans wrote:
>> All, please be assured that, thanks to all PRs, cases, etc, it’s on
>> our (Junipers) Radar and we are looking into it.
> 
> Thanks, looking forward to see this showing up in the very near future/
> with the next updates of all current in-use releases.
> 
>> Agreed on the usefulness part, but would there be unwanted situations
>> or behavior someone could run into if we would ‘flip the switch’? I’m
>> looking for possible impact due to changing behavior. 
> 
> Count the number of AS_SETs seen in the DFZ, reduced to "covered by a 
> ROA". Consider there's RFC6472, which recommends not to use AS_SETs
> anymore. Then think of how many networks would miss the new "knob" to
> enable RFC6907 behaviour and by not enabling, leaving the door open
> for not-so-nice activities to bypass ROV.

Yeah, this is a a chance for Juniper to have sane defaults here that will cause some routes to end up being hidden, but that is really the intended stance.  If you are following the work in IETF IDR, the intent is to have these AS_SETs is likely going to end up as “treat-as-withdrawl” which is effectively the same thing.

It would be great if Juniper can help close this gap :-)

- Jared


More information about the juniper-nsp mailing list