I very much agree with both Paul and Wes that a new BGP version number, or at least a new set of AFIs, would be the best way to smoothly migrate unsecure BGP to a secure one.
I have not seen anyone resisting that idea yet with real technical arguments against it ;)
Rgs, R.
[WEG] Why *are* we so resistant to incrementing the BGP version? I think that there's some merit to the idea that this suite of things represents a significant enough change to BGP that a change in version number might be a cleaner way to do the capability negotiation, perhaps even incorporating other secondary capabilities so that there isn't so much individual capability negotiation for all of the things that we've tacked onto BGP4 over the years. In other words, if you support BGPv5, you support a list of capabilities (e.g., 4-byte ASN, GR, route refresh, etc.), and they no longer have to be negotiated separately. Even if we move directly from version 4 to 6 as it seems we are wont to do, I think this bears some consideration (by IDR, of course) ;-)
Wes George
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr