nanog mailing list archives
Re: A few questions regarding about RPKI/invalids
From: Jon Lewis <jlewis () lewis org>
Date: Wed, 30 Mar 2022 10:06:12 -0400 (EDT)
On Wed, 30 Mar 2022, Drew Weaver wrote:
We’ve noticed that there are a number of routes being passed along from 3356 with invalid origin AS. Of those, almost all of them are being passed to 3356 from 3549 (legacy Global Crossing) and there is no valid path available for any of these prefixes (at least according to the ROA). Ex 45.176.191.0/24 3356 3549 11172 270150 RPKI ROA entry for 45.176.191.0/24-24 Origin-AS: 265621
I'm seeing that route, same origin. Those who do RPKI ROV do not see that route. Hurricane Electric, for example, via their looking glass has no route for that IP space.
You would think the pain inflicted by parts of the Internet ignoring your routes would get RPKI oops's like this fixed relatively quickly. It may depend on how much of the Internet they regularly exchange bits with and how many of those networks actually do ROV.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route StackPath, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- A few questions regarding about RPKI/invalids Drew Weaver (Mar 30)
- Re: A few questions regarding about RPKI/invalids Andrey Kostin (Mar 30)
- Re: A few questions regarding about RPKI/invalids Jon Lewis (Mar 30)
- Re: A few questions regarding about RPKI/invalids Job Snijders via NANOG (Mar 30)
- Re: A few questions regarding about RPKI/invalids Nimrod Levy (Mar 30)
- RE: A few questions regarding about RPKI/invalids Drew Weaver (Mar 31)