This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/routing-wg@ripe.net/
[routing-wg] RPKI Outage Post-Mortem
- Previous message (by thread): [routing-wg] RPKI Outage Post-Mortem
- Next message (by thread): [routing-wg] RPKI Outage Post-Mortem
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Tue Feb 25 21:18:59 CET 2020
>> To be clear, I mean nobody really uses this RPKI, so 3 days downtime
>> was even not noticed by anyone.
> nobody == {
but, to your point, the reason no one was damaged is that ROV was
designed to fail soft. when the ncc failed to publish, the prefixes
for which there should have been ROAs did not become invalid, they
became not found. so folk dropping invalids did not drop them.
what could have happened, but would be quite hard to detect, is that
someone could have mis-originated one of those prefixes and it would
not have been blocked.
randy
- Previous message (by thread): [routing-wg] RPKI Outage Post-Mortem
- Next message (by thread): [routing-wg] RPKI Outage Post-Mortem
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]