nanog mailing list archives
Re: ROA mirror to IRR?
From: Rubens Kuhl <rubensk () gmail com>
Date: Tue, 26 Oct 2021 19:51:45 -0300
TC(bgp.net.br) is using IRRd 4.2, which has an RPKI pseudo-source with exactly that. ROAs are downloaded from NTT. You can see how they look like at: https://bgp.net.br/whois/?q=-s%20RPKI%20200.160.0.0/20 But this is not used to create route(6) objects in the TC source, only to invalidate route(6) objects that users create at TC. Mirrored IRRs like RADB are not subject to RPKI validation, only to scope filter (private IP addresses, private ASNs). Rubens On Tue, Oct 26, 2021 at 5:29 PM Shawn <mailman.nanog.org () kleinart net> wrote:
Curious if any IRR databases are mirroring/importing ROA data - creating route|6 objects from ROA? LACNIC requires a route object to be created when creating a ROA. APNIC you create a route object, then may generate a ROA during that process. Other RIR's, curious if anything tries to bring the two together? Applicable for networks that only use IRR data (do not yet validate RPKI), they could benefit. IRR questions: How do most large networks maintain (automate) their IRR records? Is it standard practice to accept more specifics (append IPv4 "le /24" and IPv6 "le /48")? Or is it expected to have one IRR route per BGP announcement?
Current thread:
- ROA mirror to IRR? Shawn (Oct 26)
- Re: ROA mirror to IRR? George Michaelson (Oct 26)
- Re: ROA mirror to IRR? Rubens Kuhl (Oct 26)
- Re: ROA mirror to IRR? Vincent Bernat (Oct 26)
- Re: ROA mirror to IRR? Ben Maddison via NANOG (Oct 26)
- Re: ROA mirror to IRR? Laura Smith via NANOG (Oct 27)