[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [DNA] Route vs Advertise
> >Out implementation doesn't work that way. It just uses the prefixes in
the
> >certificate to check whether the prefixes are certified or not, and drops
> >those that are uncertified if the host is configured to do so. It doesn't
> >uses the certification to determine what addresses to send to what router
> >since, as Erik says, that is not in the RFC 2461 conceptual model.
> >
> >
> In another email, you say ' That was the intent, a certified prefix
> means the router is authorized to route the prefix as advertised.'
>
> So, are you saying your implementation doesn't follow this 'intent'?
>
> Either way, are the 2461 conceptual model and this 'intent' in conflict
> with each other?
>
No, the implementation checks the prefix against the cert (if the cert has
an attribute with prefixes) when the RA is received. That's what I meant by
"router is authorized to route the prefix as advertised". But then the
prefix is put onto the merged prefix list if it passes, as RFC 2461 intends.
The cert is not used to make any routing decisions.
So I don't think the 2461 conceptual model is in conflict.
jak