What are best practices for RPKI ROV in transit networks....

ssw at iu.edu ssw at iu.edu
Thu Oct 28 19:35:09 UTC 2021


Greetings,

We seek input on best practices for implementing RPKI ROV in a transit (partial transit) network. The Internet2 network provides partial transit for many of the K-12 and higher education institutions in the US. Our customer routes number just over 6,000. We work with our customers to assist with the adoption of MANRS, including creating RPKI ROAs for their resources.

 At some point in the future, we'd like to implement RPKI route origin validation (e.g., dropping invalids). Given that some routes may have mistaken ROAs that resolve to an invalid state, is there a standard/best practice for processing exceptions? Or, do transit providers that implement ROAs drop all routes that are invalid?

Thanks,

Steve

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4043 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20211028/eb89509d/attachment.bin>


More information about the NANOG mailing list