16 Sep
2019
16 Sep
'19
1:19 p.m.
https://archive.nanog.org/meetings/nanog40/presentations/BGPcommunities.pdf Don’t let anyone send you Informational tags, these should only be set by you, and you should strip them from all BGP neighbors (customers, transits, peers, etc). Otherwise you have a massive security problem.
* ross@tajvar.io (Ross Tajvar) [Mon 16 Sep 2019, 19:14 CEST]:
I often see informational tags propagated through multiple ASes. What is the security risk there?
Don't let anyone send you *your* informational tags. -- Niels.