AT&T/as7018 now drops invalid prefixes from peers

Job Snijders job at
Tue Feb 12 18:48:01 UTC 2019

On Tue, Feb 12, 2019 at 6:40 PM Owen DeLong <owen at> wrote:
> To be clear, I don’t believe they are dropping all routes which don’t validate (have no ROAs), only routes where the prefix matches an existing ROA and the origin AS in the AS PATH does not match.

Small addition: routes are not only rejected when the BGP Origin ASN
doesn't match with any of the ROAs, but also if the Prefix Length
doesn't match up. RFC 6811 describes the procedure.

Kind regards,


More information about the NANOG mailing list