Analysing traffic in context of rejecting RPKI invalids using pmacct
Randy Bush
randy at psg.com
Fri Mar 15 17:55:00 UTC 2019
>> When we (as7018) were preparing to begin dropping invalid routes
>> received from peers earlier this year, that is exactly the kind of
>> analysis we did. In our case we rolled our own with a two-pass
>> process: we first found all the traffic to/from invalid routes by a
>> bgp community we gave them, then outside of our flow analysis tool we
>> further filtered the traffic for invalid routes which were covered by
>> less-specific not-invalid routes. What remained was the traffic we
>> would lose once invalid routes were dropped. Had the pmacct
>> capability existed at that time, we would have used it.
>
> We (NIST) did a detailed analysis of Invalid routes (with Routeviews data)
> that was presented at IETF 101:
> https://datatracker.ietf.org/meeting/101/materials/slides-101-sidrops-origin-validation-policy-considerations-for-dropping-invalid-routes-00
> See slides 10-13. We tried to drill down on Invalid routes which were covered by
> less-specific not-invalid routes. We examined questions like:
> how often does the less-specific route have the same origin AS (OAS) as the Invalid,
> and, if not, then how frequently is the OAS of the less specific route
> a transit provider of the OAS of the Invalid route?
> We plan to update the results periodically.
Daniele Iamartino, Cristel Pelsser, Randy Bush. "Measuring BGP Route
Origin Registration and Validation," PAM 2015.
https://archive.psg.com//141223.route-origin-pam2015.pdf
https://ripe69.ripe.net/presentations/103-route-origin-validation.pdf
More information about the NANOG
mailing list