Hurricane Electric has reached 0 RPKI INVALIDs in our routing table
mark.tinka at seacom.mu
Wed Jun 17 14:33:44 UTC 2020
On 17/Jun/20 16:25, Jon Lewis wrote:
> The flip side of this though is that every time an IP space owner
> publishes an ROA for an aggregate IP block and overlooks the fact that
> they have customers BGP originating a subnet of the aggregate with an
> ASN not permitted by an ROA, HE has "less than a full table". :(
This is a known business use-case and it's incumbent upon the address
and AS holders to co-ordinate this.
We dropped some prefixes due to this in October of last year. Once we
raised the issue with the remote network, it was fixed in 30 minutes.
> i.e. I'm questioning whether the system is mature enough and properly
> used widely enough for dropping RPKI invalids to be a good idea?
Well, if we don't deploy, nothing matures.
The problems we hit in the field will help to make the entire system
More information about the NANOG