Level 3's IRR Database

Jack Bates jbates at brightok.net
Mon Jan 31 15:15:56 UTC 2011


On 1/31/2011 8:35 AM, Randy Bush wrote:
>>> when there is no roa for the arriving prefix, a roa for the covering
>>> prefix is used.  see draft-pmohapat-sidr-pfx-validate-07.txt.
>> Ahh, very good. I think that was the only concern. Presumably that
>> would invalidate the route and it would be discarded vs deprefed.
>
> well, i am not sure you want to discard it.  this is where the op has to
> make a decision.  in a world of partial deployment and ops and customers
> still learning how to deal with this stuff, should it be discarded?
>

I agree and definitely understand the turnup viewpoint. However, RPKI is 
useless if we don't discard invalid routes which are more specific than 
valid covering routes. local pref doesn't override prefix length 
decisions. Hijacks will continue to occur unless we issue discards... at 
some point.


Jack




More information about the NANOG mailing list