A few questions regarding about RPKI/invalids
Jon Lewis
jlewis at lewis.org
Wed Mar 30 14:06:12 UTC 2022
On Wed, 30 Mar 2022, Drew Weaver wrote:
> We’ve noticed that there are a number of routes being passed along from 3356 with invalid origin AS.
>
> Of those, almost all of them are being passed to 3356 from 3549 (legacy Global Crossing) and there is no valid path available for any of these prefixes (at least according
> to the ROA).
>
> Ex 45.176.191.0/24 3356 3549 11172 270150
>
> RPKI ROA entry for 45.176.191.0/24-24
>
> Origin-AS: 265621
I'm seeing that route, same origin. Those who do RPKI ROV do not see that
route. Hurricane Electric, for example, via their looking glass has no
route for that IP space.
You would think the pain inflicted by parts of the Internet ignoring your
routes would get RPKI oops's like this fixed relatively quickly. It may
depend on how much of the Internet they regularly exchange bits with and
how many of those networks actually do ROV.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
StackPath, Sr. Neteng | therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list