24 Jun
2019
24 Jun
'19
2:16 p.m.
On 24/Jun/19 16:11, Job Snijders wrote:
- deploy RPKI based BGP Origin validation (with invalid == reject) - apply maximum prefix limits on all EBGP sessions - ask your router vendor to comply with RFC 8212 ('default deny') - turn off your 'BGP optimizers'
I cannot over-emphasize the above, especially the BGP optimizers. Mark.