Hi Douglas,

On Mon, May 30, 2022 at 09:38:44AM -0300, Douglas Fischer wrote:
> On the point of view of day-to-day operations, keep the rejected routes and tag them with communities to be presented and interpreted on a Looking Glass is very pedagogic to Transit Customers that ask: "Why my routes are being rejected?"
>
> Actually, I try to do that (tag with internal communities) with good or bad for every check that I do... Ex.:
> - Prefix Bogons
> - ASN Bogons
> - Tier 1 Free
> - RPKI

Rejecting a route *and* tagging it with a community is not what causes problems: because you are *rejecting* the route (for example because bogon, or rpki-invalid), there is no routing churn problem further downstream.

The problem Dan Mahoney writes about is when you attach a BGP community to "valid" or "not-found" routes: if your validator/RTR server ever has some kind of issue (for example when it crashes), all "valid" routes would flip to "not-found" state, causing BGP churn for 37%+ of routes in a full table view. Of course, after the crashed validator restarts (comes back online), those hundreds of thousands of routes *again* require new BGP UPDATE messages to remove the "not-found" and attach the "valid" community.

In short:

* Reject RPKI-invalid routes (optionally using the BIRD trick to attach a community to a rejected route)
* Do NOT attach communities to routes that are "valid" or "not-found" merely because they are valid/not-found.

Does the above description make sense?

Kind regards,

Job
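
The churn described in the message above can be reproduced with a small model. This is an added example, not part of the original e-mail or any router's code: the routes, VRPs, community strings and function names are constructed for illustration, and a validator outage is assumed to leave the router with an empty VRP set.

```python
import ipaddress

# Constructed sample data (documentation prefixes and private-use ASNs).
VRPS = [("192.0.2.0/24", 24, 64500), ("198.51.100.0/24", 24, 64501),
        ("2001:db8::/32", 48, 64502)]
ROUTES = [("192.0.2.0/24", 64500),        # valid
          ("2001:db8:1::/48", 64502),     # valid (within maxLength)
          ("198.51.100.0/24", 64666),     # invalid: wrong origin
          ("203.0.113.0/24", 64503)]      # not-found: no covering VRP

def validate(prefix, origin, vrps):
    """RFC 6811 origin validation: valid / invalid / not-found."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_len, asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        if net.version == vrp_net.version and net.subnet_of(vrp_net):
            covered = True
            if net.prefixlen <= max_len and origin == asn:
                return "valid"
    return "invalid" if covered else "not-found"

def tag_every_state(state):
    # Hypothetical policy: reject invalid, tag valid/not-found with a community.
    return None if state == "invalid" else frozenset({"rpki:" + state})

def reject_invalid_only(state):
    # Policy from the message: reject invalid, leave everything else untouched.
    return None if state == "invalid" else frozenset()

def exported(policy, vrps):
    """Map each route to what is sent downstream (None = not announced)."""
    return {r: policy(validate(r[0], r[1], vrps)) for r in ROUTES}

def updates_on_outage(policy):
    """Routes whose downstream announcement changes when the VRP set empties."""
    before, during = exported(policy, VRPS), exported(policy, [])
    return sorted(r for r in ROUTES if before[r] != during[r])

if __name__ == "__main__":
    for policy in (tag_every_state, reject_invalid_only):
        print(policy.__name__, updates_on_outage(policy))
```

In this model the tagging policy re-announces every previously valid route when the VRP set empties, while the reject-only policy changes nothing for valid and not-found routes.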