AT&T/as7018 now drops invalid prefixes from peers

• Previous message (by thread): AT&T/as7018 now drops invalid prefixes from peers
• Next message (by thread): AT&T/as7018 now drops invalid prefixes from peers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To be clear, I don’t believe they are dropping all routes which don’t validate (have no ROAs), only routes where the prefix matches an existing ROA and the origin AS in the AS PATH does not match.

Owen


> On Feb 12, 2019, at 10:20 , John Sweeting <jsweeting at arin.net> wrote:
> 
>  
> From: TJ Trout <tj at fdisturlock.com <mailto:tj at fdisturlock.com>>
> Date: Monday, February 11, 2019 at 6:49 PM
> To: <valdis.kletnieks at vt.edu <mailto:valdis.kletnieks at vt.edu>>
> Cc: Jay Borkenhagen <jayb at braeburn.org <mailto:jayb at braeburn.org>>, nanog <nanog at nanog.org <mailto:nanog at nanog.org>>
> Subject: Re: AT&T/as7018 now drops invalid prefixes from peers
>  
> How does one register their routes in the Rpki? If the routes are in the Arin database under the proper company name is that sufficient? *Ducks*
>  
> TJ and all,
>  
> To participate in RPKI with ARIN, your organization would need to have Internet number resources directly registered and those Internet number resources must be covered under a Registration Services Agreement (RSA) or a Legacy RSA.  In addition, participation in RPKI will require that you have an ARIN Online account, linked to an Admin or Tech Point of Contact (POC) on the Organization Identifier (Org ID) that contains the Internet number resources to be certified. 
>  
> Our “Resource Public Key Infrastructure (RPKI)” is a great jumping off point to get started with certifying your Internet number resources. 
>  
> If you would like any assistance verifying your eligibility for RPKI participation or would like additional information on getting started with RPKC, please call our Registration Services Helpdesk at 703.227.0660.  Our hours of operation are Monday – Friday, from 7:00 am to 7:00 pm eastern time. 
>  
>  
> On Mon, Feb 11, 2019, 3:09 PM <valdis.kletnieks at vt.edu <mailto:valdis.kletnieks at vt.edu> wrote:
> On Mon, 11 Feb 2019 09:53:45 -0500, Jay Borkenhagen said:
> > The AT&T/as7018 network is now dropping all RPKI-invalid route
> > announcements that we receive from our peers.  
> 
> Congrats!
> 
> Are you able to comment on what amount of routes are getting dropped?
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190212/2f169646/attachment.html>

• Previous message (by thread): AT&T/as7018 now drops invalid prefixes from peers
• Next message (by thread): AT&T/as7018 now drops invalid prefixes from peers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]