There's internet draft describing in detail, why it's not a good idea to store RPKI validation state inside community variables at all.. https://www.ietf.org/archive/id/draft-ietf-sidrops-avoid-rpki-state-in-bgp-0... - Daniel On 4/27/24 5:05 AM, Nigel Kukard via Bird-users wrote:
Hi all,
I was busy reading https://bgpfilterguide.nlnog.net/guides/reject_invalids/ and noticed the following text...
Note: REALLY DONT store the validation state inside a bgp_community or bgp_large_community or bgp_ext_community variables. It can cause CPU & memory overload resulting in convergence performance issues.
I was wondering if this is still an issue and if it would still be a bad idea to indicate that RPKI was VALID using communities on multiple full BGP feeds?
Is anyone doing this at present? are you seeing significant load?
Kind Regards Nigel