[PDB Tech] route-server information add-on
Job Snijders
job at instituut.net
Mon Dec 12 05:25:11 PST 2016
On Mon, Dec 12, 2016 at 01:58:51PM +0100, Arnold Nipper wrote:
> What does it help when everyone is able to set the flag and you can't
> trust that this really is a route server net?
It helps on the configuration generation side:
If "route server" == true:
no bgp enforce-first-as
no bgp next-hop peer-address
no as_path_filter "^$peer_asn_"
else:
bgp enforce-first-as
bgp next-hop peer-address
as_path_filter XYZ
The above pseudo code is assuming people generate config straight from
PDB, in addition to the above, a PDB user can programmatically enforce
their:
"we peer with every route server"-policy
or "we dont peer with any route servers"-policy
or "we only peer with route servers operated by the IXP themselves"-policy
So one could argue there is a wide varierty of decisions that can be
assisted if your peers self-report whether they are perform a Route
Server function or not.
All data retrieved from PDB must be validated against an operators own
policy and procedures. I always consider PDB data to be a raw resources,
this does not have to do with (lack of) trust, but rather with making
assisted choices.
Hope this clarifies the use case.
Kind regards,
Job
More information about the Pdb-tech
mailing list