Doc: Add documentation for BGP option 'allow as sets'

author: Ondrej Zajicek (work) <santiago@crfreenet.org> 2019-11-05 16:00:25 +0100
committer: Ondrej Zajicek (work) <santiago@crfreenet.org> 2019-11-05 16:00:25 +0100
commit: d54a69ac7f0a29846cd9dbc697d1d369f51988bb (patch)
tree: b2cf4fb8747ff48780f74cc86261846ea23a9ed9 /doc/bird.sgml
parent: 10c4cd9677555e88a4ac8c95784aa281655e3326 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/bird.sgml b/doc/bird.sgml
index 384af835..e0f4fb76 100644
--- a/doc/bird.sgml
+++ b/doc/bird.sgml
@@ -2395,6 +2395,16 @@ using the following configuration parameters:
 	completely disabled and you should ensure loop-free behavior by some
 	other means. Default: 0 (no local AS number allowed).
 
+	<tag><label id="bgp-allow-as-sets">allow as sets [<m/switch/]</tag>
+	AS path attribute received with BGP routes may contain not only
+	sequences of AS numbers, but also sets of AS numbers. These rarely used
+	artifacts are results of inter-AS route aggregation. AS sets are
+	deprecated (<rfc id="6472">), and likely to be rejected in the future,
+	as they complicate security features like RPKI validation. When this
+	option is disabled, then received AS paths with AS sets are rejected as
+	malformed and corresponding BGP updates are treated as withdraws.
+	Default: off.
+
 	<tag><label id="bgp-enable-route-refresh">enable route refresh <m/switch/</tag>
 	After the initial route exchange, BGP protocol uses incremental updates
 	to keep BGP speakers synchronized. Sometimes (e.g., if BGP speaker
author	Ondrej Zajicek (work) <santiago@crfreenet.org>	2019-11-05 16:00:25 +0100
committer	Ondrej Zajicek (work) <santiago@crfreenet.org>	2019-11-05 16:00:25 +0100
commit	d54a69ac7f0a29846cd9dbc697d1d369f51988bb (patch)
tree	b2cf4fb8747ff48780f74cc86261846ea23a9ed9 /doc/bird.sgml
parent	10c4cd9677555e88a4ac8c95784aa281655e3326 (diff)