> I understand what the manual says (actually, i read it).

cheating!!!!

> I'm just curious as to how this is going to work in real life.  Let's
> say you have a router cold boot with a bunch of ibgp peers, a transit
> or two and an rpki cache which is located on a non-connected network -
> e.g. small transit pop / AS boundary scenario.  The cache is not
> necessarily going to be reachable until it sees an update for its
> connected network.

once again,

  o when you have no connection to a cache or no covering roa for a
    prefix, the result is specified as NotFound

  o we recommend you route on NotFound

so the result is the same as today.

> Until this happens, there will be no connectivity from the router to
> the cache

false

> Look, i understand that you're designing rpki <-> interactivity such that
> things will at least work in some fashion when your routers lose sight of
> their rpki caches.  The problem is that this approach weakens rpki's
> strengths - e.g. the ability to help stop youtube-like incidents from
> recurring by ignoring invalid prefix injection.

you can't have your cake and eat it too.  you can not detect invalid
originations until you have the data to do so.

randy
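
The validation states discussed in this message, as an added example that is not part of the original email: a minimal RFC 6811 origin-validation routine in Python, run once with an empty cache (the cold-boot case) and once with a single ROA loaded. The prefixes, AS numbers and the accept-unless-Invalid policy are constructed assumptions for illustration.

```python
import ipaddress
from typing import Iterable, NamedTuple, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]

class VRP(NamedTuple):
    """Validated ROA payload, as a router receives it from an RPKI cache."""
    prefix: Network
    max_len: int
    asn: int

def validate_origin(prefix: str, origin_asn: int, vrps: Iterable[VRP]) -> str:
    """Return the RFC 6811 state of a route: Valid, Invalid or NotFound."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp in vrps:
        # Covered: same address family and route is within the VRP prefix.
        if route.version != vrp.prefix.version or not route.subnet_of(vrp.prefix):
            continue
        covered = True
        # Matched: covered, not longer than max_len, and same origin AS.
        if route.prefixlen <= vrp.max_len and origin_asn == vrp.asn:
            return "Valid"
    # Covered but never matched is Invalid; no covering VRP at all is NotFound.
    return "Invalid" if covered else "NotFound"

def accept(state: str) -> bool:
    """Assumed local policy: route on Valid and NotFound, ignore Invalid."""
    return state != "Invalid"

# Constructed sample data (documentation prefixes and AS numbers).
ROUTES = [
    ("198.51.100.0/24", 64496),  # holder's own announcement
    ("198.51.100.0/25", 64511),  # more specific from a different origin
    ("203.0.113.0/24", 64500),   # prefix with no ROA published
]
SYNCED = [VRP(ipaddress.ip_network("198.51.100.0/24"), 24, 64496)]

def states(vrps: Iterable[VRP]) -> list:
    """Validation state of every sample route against the given VRP set."""
    vrps = list(vrps)
    return [validate_origin(p, asn, vrps) for p, asn in ROUTES]

if __name__ == "__main__":
    for label, vrps in (("cache unreachable", []), ("cache synced", SYNCED)):
        for (p, asn), st in zip(ROUTES, states(vrps)):
            print(f"{label:18} {p:18} AS{asn}  {st:9} accept={accept(st)}")
```

With the cache unreachable every route is NotFound and is accepted, the same as without RPKI; the more specific /25 only becomes Invalid once the covering VRP has arrived.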