How Not to Multihome

Leo Vegoda leo.vegoda at icann.org
Tue Oct 9 17:48:35 UTC 2007


On 9 Oct 2007, at 17:47, Andy Davidson wrote:

[...]

> However, if a different third-party network then sweeps up their  
> routing table by looking to remove more specifics that seem  
> 'spoofed' using IRR data, the routes you intend to push onto the  
> internet may well start to disappear from their perspective.

I don't think this should be possible if the database implements RPSS  
(RFC 2725) properly. I believe that it should only be possible to  
create a more specific route object with the agreement using whatever  
PGP/X.509 security you like if you have used mnt-lower and mnt-routes  
attributes as appropriate.

I'm not sure I'd want to publish my routing policy in a database that  
didn't have a reasonable implementation of RPSS.

Leo



More information about the NANOG mailing list