Doc: Add documentation for BGP option 'allow as sets'

author Ondrej Zajicek (work) <santiago@crfreenet.org>

Tue, 5 Nov 2019 15:00:25 +0000 (16:00 +0100)

committer Ondrej Zajicek (work) <santiago@crfreenet.org>

Tue, 5 Nov 2019 15:00:25 +0000 (16:00 +0100)
author Ondrej Zajicek (work) <santiago@crfreenet.org>
Tue, 5 Nov 2019 15:00:25 +0000 (16:00 +0100)
committer Ondrej Zajicek (work) <santiago@crfreenet.org>
Tue, 5 Nov 2019 15:00:25 +0000 (16:00 +0100)
diff --git a/doc/bird.sgml b/doc/bird.sgml

index 384af835768a2505f309e3bf2836df3455404d1a..e0f4fb766a868ceb7f4878340c5d54c75e64daa6 100644 (file)
--- a/doc/bird.sgml
+++ b/doc/bird.sgml
@@ -2395,6 +2395,16 @@ using the following configuration parameters:
         completely disabled and you should ensure loop-free behavior by some
         other means. Default: 0 (no local AS number allowed).
  
+       <tag><label id="bgp-allow-as-sets">allow as sets [<m/switch/]</tag>
+       AS path attribute received with BGP routes may contain not only
+       sequences of AS numbers, but also sets of AS numbers. These rarely used
+       artifacts are results of inter-AS route aggregation. AS sets are
+       deprecated (<rfc id="6472">), and likely to be rejected in the future,
+       as they complicate security features like RPKI validation. When this
+       option is disabled, then received AS paths with AS sets are rejected as
+       malformed and corresponding BGP updates are treated as withdraws.
+       Default: off.
+
         <tag><label id="bgp-enable-route-refresh">enable route refresh <m/switch/</tag>
         After the initial route exchange, BGP protocol uses incremental updates
         to keep BGP speakers synchronized. Sometimes (e.g., if BGP speaker
author	Ondrej Zajicek (work) <santiago@crfreenet.org>
	Tue, 5 Nov 2019 15:00:25 +0000 (16:00 +0100)
committer	Ondrej Zajicek (work) <santiago@crfreenet.org>
	Tue, 5 Nov 2019 15:00:25 +0000 (16:00 +0100)