Iljitsch van Beijnum wrote:
[Originally to ppml, CC to address-policy@ripe, prune as necessary]
On 5-okt-2006, at 18:17, David Conrad wrote:
Is there any reason PI /48s shouldn't be allocated with the bisection method, thus removing the need to reserve space?
The goal of filtering in BGP is either to keep out accidentally injected prefixes, or keep out both accidentially and maliciously injected prefixes.
This means that a reasonable filter, i.e., one that can be configured on a router with a relatively limited number of filter rules, must allow through all prefixes that match legitimate allocations, and reject as much of everything else as possible.
I don't see how fixed sizes and contiguous assignments will prevent people from announcing space not delegated to them. Right now the best way to manage this is by filtering your own customers with an explicit list (manually or RR generated) and applying peer pressure to peers who don't. Hopefully in the near future we will have crypto-signed announcements to solve this problem for real. - Kevin