29. Alvaro: Figure 9 in Section 7.1 shows SAV-specific messages ("(P1, AS 2), (P6, AS 2)") that indicate <Prefix, Incoming Direction>. For the sample topology, how does AS1 know that AS2 will be the incoming direction from ASX's point of view? In the simple topology, it is relatively straight forward and AS2 is connected to both AS1 and ASX. But in more complex topologies it is not as easy; for example, consider another AS between AS1 and AS2, or between AS2 and ASX -- neither implementing the SAV mechanisms.

[LibinLiu0189]

Response: We have updated Figure 9 in Section 7.1 to illustrate how AS 1 obtains its own SAV-specific information and communicates it to AS 4. Figure 9(a) shows that AS 1 selects the path AS 1->AS 2->AS 4 as the best path for its legitimate traffic with source addresses in P1 or P6 and destination addresses in P4. Thus, AS 1 knows its legitimate traffic will enter AS 4 from the direction of AS 2. In the example topology, there may be multiple ASes between AS 1 and AS 2, which do not deploy SAVNET agent.

[LibinLiu0189]

Alvaro: "AS 1 selects the path AS 1->AS 2->AS X" implies a required dependency on BGP information -- that's the only way for AS1 to know the path. This requirement is not reflected in the document.

Response: We have explained the requirement for the BGP information in the first paragraph of Section 7.1.