[routing-wg] Ensuring RPKI ROAs match your routing intent
- Previous message (by thread): [routing-wg] Ensuring RPKI ROAs match your routing intent
- Next message (by thread): [routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Wed Jul 1 17:18:38 CEST 2020
> However, as ROV becomes more deployed and your upstreams may start > dropping your unintended invalids, those may not show up any more in > those views. remember, this when contemplating *creating* a roa. ain't no new invalids yet, intended or unintended. when contemplating creating a roa, i want to know how i will be affecting the global routing of that prefix, not just my local router. > Note that even then monitoring your own prefixes in the global BGP in > relation to your ROAs from other vantage points will still be > important. I expect that something like BGP Alerter (or similar) > rather than your own RPKI CA will be more suitable for this purpose. i love bgp alerter. butt tha is ex post facto. the CA check of the effect of contemplated roa creation is *before* i break things. but, while i see a comparison to 42 more local views as uninteresting, they would not seem to cause harm. but i would keep the global comparison as the prominent user-facing feature. but if you want to be creative, when i contemplate adding a roa for a prefix, it would be nice to check that i am not invalidating longer sub-prefixes, e.g. those possibly routed by customers. and again, in the global table. randy
- Previous message (by thread): [routing-wg] Ensuring RPKI ROAs match your routing intent
- Next message (by thread): [routing-wg] 2019-08 Review Phase (SLURM file for Unallocated and Unassigned RIPE NCC Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]