22 Oct
2023
22 Oct
'23
6:48 p.m.
On Sun, 22 Oct 2023 at 20:33, Tom Beecher <beecher@beecher.cc> wrote:
Basically, I guess, it means that the AS 0 solution shouldn't be used, at
least not usually.
It's like everything else. Understand what the tools do and what they don't do, and use them appropriately.
A primary risk for an IXP is the existence of a more-specific of the IX peering LAN prefix, a less-specific wouldn’t matter or inflict damage. So in the above context an AS 0 ROAs can be useful to improve protection of IXP Peering LANs where the IX operator doesn’t want the fabric to be globally reachable - and one of the IX participants failed to correctly EBGP in/out policies. Kind regards, Job