PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]
Rubens Kuhl
rubensk at gmail.com
Wed Aug 18 23:03:00 UTC 2021
Currently RPKI can only validate origin, not paths. If/when a path
validation solution is available, then one easy way to know that
network A really means to peer with network B is to publish a path
validation that B can use and/or forward A's announcements.
Rubens
On Wed, Aug 18, 2021 at 7:53 PM Sabri Berisha <sabri at cluecentral.net> wrote:
>
> ----- On Aug 18, 2021, at 3:02 PM, Patrick W. Gilmore patrick at ianai.net wrote:
>
> Hi,
>
> > Those networks would be ones that do not peer. Which seems pretty obvious to me
> > - it is literally in the name.
>
> I have an AS, I advertise IP space to the world. I want to be a Good Netizen and
> register my BGP peers. Your definition of BGP peering is different from mine, at
> least in this context.
>
> > I guess you are right, the _Peering_DB does not register “certain” networks.
>
> Which was my point. I'm glad you agree. My little AS is not allowed to play with
> the big kids.
>
> If you only want to register settlement-free peering, that's totally fine with me.
> Your database, your rules.
>
> But, the fact stays that you can have an AS, advertise your prefixes to the world,
> and not be permitted to register with peeringdb. Which means it can't be used as
> a single source of truth. Which would have been a shame because with a little bit
> of automation it would be feasible to "score" advertisements. That would help
> determine the likelihood of an advertisement to be erroneous (whether by accident
> or malice).
>
> For example, if I were to register my peers (53356 and 136620) and AS5524 would
> all of a sudden start to advertise my AS as behind it, you'd be able to flag that.
>
> But again, your database, your rules.
>
> Thanks,
>
> Sabri
More information about the NANOG
mailing list