[j-nsp] rfc8097 (rpki) communities ?
Jeff Haas
jhaas at juniper.net
Wed Oct 16 14:47:05 EDT 2019
> On Mar 5, 2019, at 02:04, Job Snijders <job at instituut.net> wrote:
>
> On Thu, Feb 28, 2019 at 04:17:19PM +0300, Alexandre Snarskii wrote:
>> Somewhat stupid question: while experimenting with rpki, I found that
>> while rfc8097 declares origin validation state as extended community
>> (0x4300:0.0.0.0:N in juniper configuration terms), Juniper documentation
>> uses standard communities 0x4300:N for this purpose:
>>
>> https://www.juniper.net/documentation/en_US/junos/topics/topic-map/bgp-origin-as-validation.html
>
> I suspect this is a documentation bug, they probably meant to use
> 'arbitrary extended community' syntax.

FWIW, I don't see non-extended community syntax in this documentation page. It'd be a doc bug.

>
>> Question: is it just a bit outdated documentation and I shall follow
>> RFC and use extended communities, or there are some other reasons to
>> use standard ones ?
>
> The "0x4300:1" syntax squats on AS 17152's community space, so that's
> not nice.
>
> I think a nice feature of the RFC 8097 communities is that they aren't
> transitive, and you can reference the RFC for the documentation aspect
> of assigning those communities.

At some point we need to get named communities in place here. I had the start of a patch a while back, but it rotted due to not getting worked on in a timely fashion.

-- Jeff
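
The two encodings discussed in this thread, as an added Python example that is not part of the original messages or of Junos: it builds the 8-octet RFC 8097 origin validation state extended community and shows why the 4-octet standard community 0x4300:N lands in AS 17152's space. The function names are hypothetical, and the field split used to render the `0x4300:0.0.0.0:N` form is an assumption read off the syntax quoted above.

```python
import struct

# Validation states defined by RFC 8097.
STATES = {0: "valid", 1: "not-found", 2: "invalid"}


def encode_ovs(state):
    """Build the 8-octet RFC 8097 extended community for a validation state."""
    if state not in STATES:
        raise ValueError("validation state must be 0, 1 or 2")
    # type 0x43, sub-type 0x00, five reserved zero octets, then the state octet
    return struct.pack("!BB5xB", 0x43, 0x00, state)


def decode_extended(raw):
    """Classify an 8-octet extended community."""
    if len(raw) != 8:
        raise ValueError("extended communities are exactly 8 octets")
    type_hi, subtype = raw[0], raw[1]
    # RFC 4360: bit 0x40 of the type octet set means non-transitive across ASes
    info = {"non_transitive": bool(type_hi & 0x40), "ovs": None}
    if type_hi == 0x43 and subtype == 0x00:
        info["ovs"] = STATES.get(raw[7], "unrecognized")
    return info


def decode_standard(raw):
    """Split a 4-octet standard community (RFC 1997) into (ASN, value)."""
    if len(raw) != 4:
        raise ValueError("standard communities are exactly 4 octets")
    return struct.unpack("!HH", raw)


def junos_extended(raw):
    """Render 8 octets in the 0x4300:0.0.0.0:N form quoted in the thread.

    Assumption: 2 octets type/sub-type, 4 dotted octets, 2-octet number.
    """
    head, a, b, c, d, n = struct.unpack("!H4BH", raw)
    return "0x%04x:%d.%d.%d.%d:%d" % (head, a, b, c, d, n)


if __name__ == "__main__":
    ext = encode_ovs(2)  # constructed sample: state "invalid"
    print(ext.hex(), junos_extended(ext), decode_extended(ext))
    # The same leading octets read as a standard community are ASN:value.
    print("standard 0x4300:1 -> AS%d:%d" % decode_standard(bytes.fromhex("43000001")))
```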