Replacing ASs in the AS_PATH sounds like a behavior you would want the security protections to prohibit. It would enable attacks.
Can you explain how you would distinguish legitimate uses of this feature? --Sandy ________________________________________ From: sidr-boun...@ietf.org [sidr-boun...@ietf.org] on behalf of Robert Raszuk [rob...@raszuk.net] Sent: Wednesday, March 28, 2012 12:43 PM To: Christopher Morrow Cc: i...@ietf.org List; Paul Jakma; sidr wg list Subject: Re: [sidr] [Idr] AS_SET depreciation (RFC6472) and BGP multipath >> Are we going to freeze any AS_PATH modifications by operator's policy too ? >> I mentioned replace-as which all major vendors support. There can be more >> knobs like this coming in the future. > > replace as i think is dealt with .... sign again and pcount=0 and move along. replace-as allows to replace any arbitrary match of list of ASes in the AS_PATH by your own AS. Does not need to be the last one. I don't think SIDR has a solution to deal with such policy. Best regards, R. _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
