Level 3's IRR Database
randy at psg.com
Mon Jan 31 08:35:49 CST 2011
>> when there is no roa for the arriving prefix, a roa for the covering
>> prefix is used. see draft-pmohapat-sidr-pfx-validate-07.txt.
> Ahh, very good. I think that was the only concern. Presumably that
> would invalidate the route and it would be discarded vs deprefed.
well, i am not sure you want to discard it. this is where the op has to
make a decision. in a world of partial deployment and ops and customers
still learning how to deal with this stuff, should it be discarded?
again from draft-ietf-sidr-rpki-origin-ops-04.txt
Local policy using relative preference is suggested to manage the
uncertainty associated with a system in flux, applying local policy
to eliminate the threat of unroutability of prefixes due to ill-
advised certification policies and/or incorrect certification data.
E.g. until the community feels comfortable relying on RPKI data,
routing on Invalid origin validity, though at a low preference, will
likely be prevalent for a long time.
but you configure your routers as you think best.
More information about the NANOG