do not filter your customers
morrowc.lists at gmail.com
Fri Feb 24 21:07:28 UTC 2012
On Fri, Feb 24, 2012 at 3:59 PM, Leo Bicknell <bicknell at ufp.org> wrote:
> In a message written on Fri, Feb 24, 2012 at 01:04:20PM -0700, Shane Amante wrote:
>> Solving for route leaks is /the/ "killer app" for BGPSEC. I can't understand why people keep ignoring this.
> Not all "leaks" are bad.
> I remember when there was that undersea landside in Asia that took
> out a bunch of undersea cables. Various providers quickly did
> mutual transit and other arrangements to route around the problem,
> getting a number of things back up quite quickly. These did not
> match IRR records though, and likely would not have matached BGPSEC
> information, at least not initially.
well.... for bgpsec so if the paths were signed, and origins signed,
why would they NOT pass BGPSEC muster?
I can see that if the IRR data didn't match up sanely
prefix-lists/filters would need some cajoling, but that likely
happened anyway in this case.
More information about the NANOG