On 12 Feb 2019, at 01:52, Jay Borkenhagen <jayb@braeburn.org> wrote:
We got some very good advice watching this video from your most recent NLNOG day:
https://www.youtube.com/watch?v=vrzl__yGqLE
... but there is one place where I disagree with Niels.
You’re of course welcome to do so :-)
He advised against lowering the local-pref of invalid routes. I agree that this should not be anyone's target policy, but it is a useful step along the way. To set invalid routes a lower local-pref, one needs to establish RTR sessions from routers to relying party servers, and to configure a policy that takes validation state into account.
I agree that this is a good approach for taking first steps into the RPKI world and I would not discourage a lower local preference as a first stage. As long as we’re on the same page about invalid == reject being the intended end result.
In short: C'mon in! The water's fine! :-)
As a competitive swimmer I couldn’t agree more! -- Niels Raijer niels@fusix.nl