Am 15.11.2010 12:39, schrieb Roque Gagliano:
I believe Tim has a point in this comment, we already analyze it positively internally to add that capability.
When all of these starts rolling-out, you would have a huge percentage of "not-found", that is why you would not want to deny those. There you can see the importance of generating your ROAs, although you are not particularly interested in filtering.
While from a technical perspective the BGP Origin ASN Validation is a good approach, it loads a burden to the system itself and to the BGP engineers around the globe, just because Pakistan Telecom's network engineer is not capable to type 'set community no-export' and PCCW (Upstream of Pakistan Telecom) f***ed up the prefix list (copy-paste for other example, replace names).
Why should we change a generally good working system just because some network rookies don't know better? Fix the problem by the source, don't circumvent it.
My CHF 0.05, Fredy