[AusNOG] RPKI ROV Inconsistencies
Philip Loenneker
Philip.Loenneker at tasmanet.com.au
Thu May 6 19:37:23 EST 2021
Hello,
It's worth having a read of this post from NANOG from just a couple weeks ago:
https://mailman.nanog.org/pipermail/nanog/2021-April/213346.html
Here is the TL;DR snippet for those who want a summary without having to click links:
RPKI Route Origin Validation (ROV) is incrementally deployed inside networks, and incrementally across the Default-Free Zone. This means right now (and for years to come), operators will see RPKI invalid routes spill through the cracks of the global routing system. This is expected and unavoidable.
Regards,
Philip
From: AusNOG <ausnog-bounces at lists.ausnog.net> On Behalf Of Aftab Siddiqui
Sent: Thursday, 6 May 2021 3:34 PM
To: AusNOG at lists.ausnog.net
Subject: [AusNOG] RPKI ROV Inconsistencies
Hi,
Looking at the data by APNIC Labs, it shows that Telstra, Vocus, Superloop etc are not 100% dropping RPKI Invalid Routes.
https://stats.labs.apnic.net/rpki/AU?o=cQPw7v1p1x0l1<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstats.labs.apnic.net%2Frpki%2FAU%3Fo%3DcQPw7v1p1x0l1&data=04%7C01%7Cphilip.loenneker%40tasmanet.com.au%7Cdf2c59f3e23c41d3b3b508d91050c165%7Cb53dc580ab7847208b30536f36d398ac%7C0%7C0%7C637558761298896369%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=H85VCxSyRofaSMylzmQIwC14ignMKWXaOq5%2BAPbaChc%3D&reserved=0>
I don't receive any invalids transiting AS1221 (I have only 1 transit feed though) I don't think operators are selectively dropping invalids on some edges. Please correct me if I'm wrong.
Regards,
Aftab A. Siddiqui
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20210506/0e24a9a9/attachment.html>
More information about the AusNOG
mailing list