diff --git a/draft-ietf-sidrops-rov-no-rr.xml b/draft-ietf-sidrops-rov-no-rr.xml index 7e1566c..543bf62 100644 --- a/draft-ietf-sidrops-rov-no-rr.xml +++ b/draft-ietf-sidrops-rov-no-rr.xml @@ -1,6 +1,6 @@ - + @@ -11,7 +11,8 @@ @@ -176,18 +177,23 @@ - When RPKI data cause one or more paths to be dropped, withdrawn, - or merely not chosen as best path due to RPKI-based policy (ROV, - ASPA, etc.), those paths MUST be saved and marked (to not be used - for best path evaluation etc.) so that later RPKI data can - reevaluate those paths. + When RPKI data cause one or more paths to be dropped due to ROV, + those paths MUST NOT be evaluated for best path, but MUST be saved + (either separately or marked) so they may be reevaluated with + respect to new RPKI data. + + + + If new RPKI data arrive which invalidate the best path, and the + router did not keep all alternatives, then it MUST issue a route + refresh so those alternatives may be evaluated for best path. Policy which may drop paths due to RPKI-based checks such as ROV, - ASPA, BGPsec, etc. MUST be run, and the dropped paths saved per - the above paragraph, before non-RPKI policies are run, as the - latter may change path attributes. + ASPA, BGPsec , etc. MUST be run, and the + dropped paths saved per the above paragraph, before non-RPKI + policies are run, as the latter may change path attributes. @@ -207,17 +213,17 @@
- - Routers MUST either keep the full Adj-RIB-In or implement the - specification in . - - Operators deploying ROV and/or other RPKI based policies SHOULD ensure that the router implementation is not causing unnecessary Route Refresh requests to neighbors. + + Routers MUST either keep the full Adj-RIB-In or implement the + specification in . + + If the router does not implement these recommendations, the operator SHOULD enable the vendor's knob to keep the full @@ -227,10 +233,10 @@ - If the router has insufficient resources to support this, it - MUST not be used for Route Origin Validation. I.e. the knob in - should only be used in very well known and - controlled circumstances. + If the router has insufficient resources to support either of the + two proposed options, it MUST not be used for Route Origin + Validation. I.e. the knob in should only be + used in very well known and controlled circumstances. @@ -279,9 +285,9 @@
- The authors wish to thank Ben Maddison, John Heasley, Nick - Hilliard, Ties de Kock. John Scudder, Matthias Waehlisch, and Saku - Ytti. + The authors wish to thank Ben Maddison, John Heasley, John + Scudder, Matthias Waehlisch, Nick Hilliard, Saku Ytti, and Ties de + Kock.
@@ -303,6 +309,7 @@ +
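Review bot: In the hunk at @@ -176,18 +177,23 @@, the first rewritten paragraph narrows the save requirement to paths "dropped due to ROV", but the paragraph after it still says paths dropped by "ROV, ASPA, BGPsec, etc." are "saved per the above paragraph", so the two paragraphs no longer agree on scope. Either keep the broader "RPKI-based policy (ROV, ASPA, etc.)" wording in the first paragraph or narrow the later one to match. The new route-refresh paragraph also needs a sentence saying when a router can legitimately have "did not keep all alternatives" given the preceding MUST be saved; the removed text covered paths "withdrawn, or merely not chosen as best path", and if that is the case now meant, it should be stated.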
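Review bot: In the hunk at @@ -207,17 +213,17 @@, moving the "Routers MUST either keep the full Adj-RIB-In or implement the specification" paragraph down places it directly before "If the router does not implement these recommendations", so "these recommendations" now reads as referring to a MUST. Suggest rewording that following sentence to name what it refers to (for example "If the router does neither"), or keeping the SHOULD paragraph adjacent to it, so that the requirement level is not blurred.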
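Review bot: In the hunk at @@ -227,10 +233,10 @@, the rewritten sentence still carries "MUST not" with a lowercase "not"; the BCP 14 keyword is "MUST NOT", and the hunk at @@ -176,18 +177,23 @@ already uses "MUST NOT be evaluated", so the document is now inconsistent. Since the paragraph is being rewritten anyway, fix the capitalisation here, and decide whether "should only be used" in the next sentence is meant normatively (then "SHOULD") or not (then rephrase to avoid the keyword). "Either of the two proposed options" would also be clearer if it named them, since the paragraph that lists them has been moved by the previous hunk.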