I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Overall impression is that this is a well written draft, and I didn’t particularly notice any editorial comments, although I wasn’t focused on that.

The entire draft is dedicated to an informational router configuration that encourages using link local addressing on the non-public facing router interfaces.  The draft, as a whole does a good job describing and referencing previous work on configuration and mitigation  strategies to encourage a more secure configuration.

My only feedback is that the Security Considerations section might also include a sentence referencing all of the other RFC’s and guidance previously mentioned in the document:

	For additional security considerations, as previously stated, see also:  [RFC5837], [I-D.ietf-opsec-bgp-security].

and possible a statement saying that all other previous recommendations for control plane security, etc.

I do understand if this recommendation is not acted upon, it is difficult to summarize an entire document which is about configuration for security into a single concise paragraph at the end of the document.

regards,
--
Chris Inacio
inacio at cert.org