There's internet draft describing in detail, why it's not a good idea to
store RPKI validation state inside community variables at all..
https://www.ietf.org/archive/id/draft-ietf-sidrops-avoid-rpki-state-in-bgp-00.html
- Daniel
On 4/27/24 5:05 AM, Nigel Kukard via Bird-users wrote:
Hi all,
I was busy reading
https://bgpfilterguide.nlnog.net/guides/reject_invalids/ and noticed the
following text...
Note: REALLY DONT store the validation state inside a bgp_community or
bgp_large_community or bgp_ext_community variables. It can cause CPU &
memory overload resulting in convergence performance issues.
I was wondering if this is still an issue and if it would still be a bad
idea to indicate that RPKI was VALID using communities on multiple full
BGP feeds?
Is anyone doing this at present? are you seeing significant load?
Kind Regards
Nigel
