From fc1e3211b109400c0e96f889829c9f5145ac7226 Mon Sep 17 00:00:00 2001
From: "Ondrej Zajicek (work)" <santiago@crfreenet.org>
Date: Sun, 11 Oct 2020 00:53:19 +0200
Subject: RPKI: Add 'ignore max length' option

Add 'ignore max length' option to RPKI protocol, which ignores received
max length in ROA records and instead uses max value (32 or 128). This
may be useful for implementing loose RPKI check for blackholes.
---
 doc/bird.sgml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'doc')

diff --git a/doc/bird.sgml b/doc/bird.sgml
index ffc22218..aa16c227 100644
--- a/doc/bird.sgml
+++ b/doc/bird.sgml
@@ -4826,6 +4826,11 @@ specify both channels.
         suppresses updating this value by a cache server.
         Default: 7200 seconds
 
+	<tag>ignore max length <m/switch/</tag>
+	Ignore received max length in ROA records and use max value (32 or 128)
+	instead. This may be useful for implementing loose RPKI check for
+	blackholes. Default: disabled.
+
         <tag>transport tcp</tag> Unprotected transport over TCP. It's a default
         transport. Should be used only on secure private networks.
         Default: tcp
-- 
cgit v1.2.3