Starting to Drop Invalids for Customers

Randy Bush randy at psg.com
Mon Dec 16 21:49:19 UTC 2019


[ found in old emacs buffer.  might have already been sent ]

>> Invalid according to RPKI or IRR? Or both?
> 
> In this context the use of the word “invalid” refers to the result of
> validation procedure described in RFC 6811 - which is to match received BGP
> updates to the RPKI and attach either of “valid”, “invalid”, or “not-found”.
> 
> In IRR, the challenge has always been that “route:” objects describe a
> state of the network that may exist, but the semantics of “route:” objects
> don’t allow extrapolation towards what should definitely *not* exist in the
> BGP Default-Free Zone.
> 
> RPKI ROAs (compared to IRR objects) carry different meaning: the existence
> of a ROA (both by definition and common implementation) supersedes other
> data sources (IRR, LOAs, or comments in whois records, etc), and as such
> can be used on any type of EBGP session for validation of the received
> Internet routing information.

do not disagree with your pedantry.  but ...

as i am pretty sure arturo knows all that.  i suspect he was wondering
if mark is gonna throw irr data in the mix the way chris says google
will (or does?).  and if so, how?  seems a useful question.

irr acls scale poorly in routers.  but mark said customer-facing, which
could be reasonable depending on the platform.  e.g. ntt uses irr-based
acls toward customers.

but i am cheered if mark is dropping rpki-based origin validation
invalids.  it's a big step.

randy
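
Added example, not part of the original message or any participant's code: a minimal sketch of the RFC 6811 origin validation procedure referred to in the quoted text, followed by an import policy that drops only "invalid" routes. The VRP table uses constructed documentation prefixes and private-use ASNs, the function names are hypothetical, and accepting "not-found" routes is an assumption about the policy.

```python
import ipaddress

# Constructed VRPs (validated ROA payloads): (prefix, maxLength, origin ASN).
# Documentation prefixes and private-use ASNs, not real routing data.
SAMPLE_VRPS = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/24", 25, 64501),
    ("2001:db8::/32", 48, 64502),
    ("203.0.113.0/24", 24, 0),  # AS0 ROA: no origin may announce this prefix
]

def load_vrps(rows):
    """Parse (prefix, maxLength, asn) rows into network objects."""
    return [(ipaddress.ip_network(p), ml, asn) for p, ml, asn in rows]

def validate(route_prefix, origin_asn, vrps):
    """Return 'valid', 'invalid' or 'not-found' for one route.

    origin_asn is None when no single origin can be determined (for
    example an AS_SET); such a route can never match a VRP.
    """
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp_net, max_len, vrp_asn in vrps:
        # A VRP covers the route if the route lies inside the VRP prefix.
        if vrp_net.version != route.version or not route.subnet_of(vrp_net):
            continue
        covered = True
        # Match: within maxLength and same origin; AS0 never matches.
        if route.prefixlen <= max_len and vrp_asn != 0 and origin_asn == vrp_asn:
            return "valid"
    # Covered but unmatched is invalid; no covering VRP at all is not-found.
    return "invalid" if covered else "not-found"

def import_policy(updates, vrps):
    """Drop 'invalid' routes; keep 'valid' and 'not-found' (assumed policy)."""
    accepted = []
    for prefix, asn in updates:
        state = validate(prefix, asn, vrps)
        if state != "invalid":
            accepted.append((prefix, asn, state))
    return accepted
```
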


