: But I am concerned some people may build filters using : only exact matches, so it seems safer to have route : objects for more specifics.
:: I´d suggest to create each route object for each :: announced prefix...IMHO you are very right - there are :: for sure networks out there, which will filter your :: prefixes, when you do not have a matching route object :: entry ...
That seems painful when fast action is required. Say you have a /16 and someone is hijacking a /23 withing it. Before mitigating damage by announcing the two /24s you'd have to update the registry and wait for the upstream to accept it? Do you just preregister all the /24, /23, /22, etc prefix combinations in advance?
scott
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog