nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BGPMON Alert Questions

From: Jac Kloots <Jac.Kloots () surfnet nl>
Date: Tue, 8 Apr 2014 11:24:07 +0200 (CEST)

Hi Mark,

On Thu, 3 Apr 2014, Mark Tinka wrote:


On Thursday, April 03, 2014 02:22:44 AM Randy Bush wrote:


and, btw, how many of those whose prefixes were
mis-originated had registered those prefixes in the
rpki?


It is probably a bit of a hammer at this stage, but we are
in limited deployment of dropping all Invalids using RPKI.

We shall be rolling out, network-wide, in 2014, where all
Invalids are dropped. At this stage, short of a mis-
origination, it's mostly longer prefixes of an aggregate
that are not ROA'd.


Great to hear more people are planning on dropping all Invalids.
We (SURFnet, AS1103) are in the same position and I wrote an article about the evaluation we did before deciding on dropping invalids (https://blog.surfnet.nl/?p=3159)
I would encourage more people to do a similar analysis and start using a RPKI routing policy and start dropping invalids.
Only when people start using RPKI the way it is proposted to (http://tools.ietf.org/html/rfc7115) we _all_ can benefit from this. 

Regards,

Jac

--
Jac Kloots
Network Services
SURFnet bv
Previous By Date Next
Previous By Thread Next

Current thread: