14 Jun
2016
14 Jun
'16
11:46 p.m.
Tue, Jun 14, 2016 at 04:51:40PM +0300, Alexander Azimov:
But I have security consideration that filtering isn't a proper mechanism to reach this goal. Imagine next situation - if transit accidently prepends its paths with private AS number it will result in DoS for all stub networks connected to this transit. I think, better way is deprioritize bogon routes - this will stop propagation of such routes if there is any alternative and will not affect reachability in other cases.
These should not appear in the DFZ. I can think of no better way to encourage resolution than dropping such routes.