Last week at RIPE 73 in Madrid, the MANRS BCOP document was presented and discussed at the BCOP TF session and the Routing-WG. The MANRS BCOP document “provides guidance to ease deployment of measures required by MANRS and is targeted at stub networks and small providers. The document should also assist in checking if the network setup is compliant with MANRS.”
It was agreed to give the community another four weeks of review. Last call ends on 28 November 2016, and we welcome your feedback via the RIPE BCOP Mailing List.
Although the content of the document itself wasn’t discussed at the meetings, people shared their views on the best way to publish the document once the review is complete.
In the RIPE region, a standard way to publish a completed work is to produce a RIPE document. This is a great way of making it available to the community, but some felt a RIPE document may not be ideal because every change then requires issuing a new RIPE document, and the MANRS BCOP is a bit too volatile for that.
An idea could be to rearrange the document into a stable/fundamental part and more volatile parts, and publish the first as a RIPE document. This may take some time and work.
In the meantime, we will publish the draft document on the MANRS site and refer to it from the RIPE BCOP repository, Deploy360, and other known places. We’ll assign a version number to ensure stability of the publication and consistency of references.
Please join the discussion on the BCOP mailing list and help us review the document between now and 28 November.
Kurt Kayser says
Hi,
after listening to the RIPE77 talk of Florian Streibelt “BGP Communities: Even more Worms in the Routing Can” I thought about it would make a lot of sense to include BGP-Community filters for in- and outbound BGP-Sessions, in order to minimize the threat potential from these – currently very sloppy – implementations of many operators. I suggest to include a “recommended set” of filters i.e. for private-AS numbers as well as a suggestion, for NO-EXPORT rules that should not allow blackhole functions beyond the parties that have agreed to signal this function to each other.