Hi Mark, On Thu, 3 Apr 2014, Mark Tinka wrote:
On Thursday, April 03, 2014 02:22:44 AM Randy Bush wrote:
and, btw, how many of those whose prefixes were mis-originated had registered those prefixes in the rpki?
It is probably a bit of a hammer at this stage, but we are in limited deployment of dropping all Invalids using RPKI.
We shall be rolling out, network-wide, in 2014, where all Invalids are dropped. At this stage, short of a mis- origination, it's mostly longer prefixes of an aggregate that are not ROA'd.
Great to hear more people are planning on dropping all Invalids. We (SURFnet, AS1103) are in the same position and I wrote an article about the evaluation we did before deciding on dropping invalids (https://blog.surfnet.nl/?p=3159) I would encourage more people to do a similar analysis and start using a RPKI routing policy and start dropping invalids. Only when people start using RPKI the way it is proposted to (http://tools.ietf.org/html/rfc7115) we _all_ can benefit from this. Regards, Jac -- Jac Kloots Network Services SURFnet bv