[Kznnog-discuss] [Wcnog-discuss] FW: [CINX.announce] RPKI ROV & ropping of nvalids - Africa

Mark Tinka mark.tinka at seacom.mu
Thu Apr 11 16:27:48 SAST 2019

On 11/Apr/19 16:17, Nishal Goburdhan wrote:

> the invalids.

For now, we are checking for complaints through the validator that we use.

We are not monitoring the Invalid routes themselves. I'm not sure I see
the need for it, since any real issues around there will always

> well, if you don’t do it now, i’ll ask you the same around SAFNOG
> time  :-D


> well,  yes and no.
> IRR filters fail because someone registers a covering prefix, but then
> does something else in bgp.
> that similar process - that lack of attention to detail - is what i’m
> referring to, and that’s trivial to replicate with ROAs :-)
> (admittedly, afrinic’s ROA generation tools are easier to use than
> their IRR ones..)

Yes, in both cases the customer would need to fix their IRR or ROA
entries when the policy filtering works as it should.

In the case of broken ROA's, we can easily detect and fix this together
with the customer, mostly because they will be hard down for the
affected prefix.

We are putting a lot more energy into RPKI than IRR, to be honest.


More information about the KZNnog-discuss mailing list