On 13/Jul/18 18:25, Christopher Morrow wrote: > it sounded like Mark didn't want to deal with that complexity in his > network, until more deployment and more requests from customers like; > Customer: "Hey, why did my traffic get hijacked to paY(omlut)pal.com > yesterday?" > Mark: "because you didn't ask for 'super-sekure-customer config? sorry?" > > I could have misunderstood either mark or job or you.. of course. I didn't want to pass on Invalid routes at all, to ensure that the source operator of that route correctly signs it in the RPKI. However, one can't make the horse drink. Using LOCAL_PREF to determine the preference between Valid, Unknown and Invalid routes is just pussy-footing around the feature, if I'm being honest. What's the saying... "Go big, or go home" :-). Mark.
- RE: deploying RPKI based Or... Michel Py
- Re: deploying RPKI based Or... Job Snijders
- RE: deploying RPKI based Or... Michel Py
- Re: deploying RPKI based Or... Randy Bush
- Re: deploying RPKI based Or... Job Snijders
- Re: deploying RPKI based Or... Mark Tinka
- Re: deploying RPKI based Or... Mark Tinka
- RE: deploying RPKI based Or... Michel Py
- Re: deploying RPKI based Or... Mark Tinka
- Re: deploying RPKI based Or... Mark Tinka
- Re: deploying RPKI based Origin... Mark Tinka
- Re: deploying RPKI based Origin Vali... Mark Tinka
- Re: deploying RPKI based Origin Validati... Job Snijders
- Re: deploying RPKI based Origin Vali... Saku Ytti
- Re: deploying RPKI based Origin Vali... Mark Tinka
- Re: deploying RPKI based Origin Validation Paolo Lucente
- Re: deploying RPKI based Origin Validation Mark Tinka
- Re: deploying RPKI based Origin Validation Joshua Vijsma / True
