AS3356 Announcing 2000::/12

• Previous message (by thread): AS3356 Announcing 2000::/12
• Next message (by thread): AS3356 Announcing 2000::/12
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

How can RPKI / OV prevent such a leak when there is no ROA for 2000::/12,
what would 6762|2914|174|* invalidate against? Until a future where
everything is 'valid', RPKI is unable to pare out less-specific conflicts.

It does look like 3356 pulled the announcement, which is good.


On Thu, Dec 8, 2022 at 4:48 AM Christopher Morrow <morrowc.lists at gmail.com>
wrote:

> On Wed, Dec 7, 2022 at 11:25 PM Ryan Hamel <administrator at rkhtech.org>
> wrote:
> >
> > AS3356 has been announcing 2000::/12 for about 3 hours now, an aggregate
> covering over 23K prefixes (just over 25%) of the IPv6 DFZ.
> >
> >
>
> interesting that this is leaking outside supposed RPKI OV boundaries as
> well.
> For example:
>   6762 3356
>   2914 3356
>   174 3356 (apologies to 174, I forget if they signed up to the 'doin
> ov now' plan)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20221208/351ad0e9/attachment.html>

• Previous message (by thread): AS3356 Announcing 2000::/12
• Next message (by thread): AS3356 Announcing 2000::/12
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]