Hurricane Electric has reached 0 RPKI INVALIDs in our routing table

• Previous message (by thread): Reactive RPKI ROV (Was: Hurricane Electric has reached 0 RPKI INVALIDs)
• Next message (by thread): Hurricane Electric has reached 0 RPKI INVALIDs in our routing table
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 15 Jun 2020, Mike Leber via NANOG wrote:

> I'm pleased to announce Hurricane Electric has completed our RPKI
> INVALID filtering project and we now have 0 RPKI INVALIDs in our routing
> table.
>
> Hurricane Electric has 29021 BGP sessions with 22109 prefix filters with
> 7191 networks directly and 8239 networks including Internet exchanges.

The flip side of this though is that every time an IP space owner 
publishes an ROA for an aggregate IP block and overlooks the fact that 
they have customers BGP originating a subnet of the aggregate with an ASN 
not permitted by an ROA, HE has "less than a full table".  :(

i.e. I'm questioning whether the system is mature enough and properly used 
widely enough for dropping RPKI invalids to be a good idea?

----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
  StackPath, Sr. Neteng       |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

• Previous message (by thread): Reactive RPKI ROV (Was: Hurricane Electric has reached 0 RPKI INVALIDs)
• Next message (by thread): Hurricane Electric has reached 0 RPKI INVALIDs in our routing table
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]