Another flaky idea - Verification (2)

• Server returns

  • verification value
    • yes I’m meant to be announcing that
    • no I’m not meant to be announcing that
    • don’t know (temporary failure from server - used last cached value or another server)
  • a TTL

• Results cached by BGP speaker as tuple (prefix, neighbor-AS, truth-value, TTL)

• Router implements filtering options based on return value

  • Converts return value into non-transitive BGP verification attribute so can be matched on route-maps etc

Previous slide

Next slide

Back to first slide

View graphic version