nanog mailing list archives
Re: deploying RPKI based Origin Validation
From: Mark Tinka <mark.tinka () seacom mu>
Date: Thu, 19 Jul 2018 17:02:50 +0200
On 16/Jul/18 19:00, Paolo Lucente wrote:
Hi Job, All, It is definitely great to see progress on the deployment side! I realize that there may be some gaps in the network operator toolchain, and this may be something i'd like to contribute to. For network operators to better understand the impact of BGP hijacks in terms of revenue or volumes of traffic that went missing, it makes perfect sense if network monitoring tools are aware of which BGP announcements are invalid or not. I will look into adding support for the RTR protocol (RFC 6810, RFC 8210) to pmacct ( https://github.com/pmacct/pmacct , http://pmacct.net/ ) and expose the validation state through an extra field (when collecting routing tables) and primitive (when accounting traffic and correlating it with BGP data). Updating the telemetry tools to be fully aware of RPKI validation states should come in handy!
Sounds great, Paolo. Many thanks for this. Mark.
Current thread:
- Re: deploying RPKI based Origin Validation, (continued)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 19)
- Message not available
- Re: deploying RPKI based Origin Validation Job Snijders (Jul 27)
- Re: deploying RPKI based Origin Validation Alex Band (Jul 27)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 13)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 13)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 13)
- Re: deploying RPKI based Origin Validation Job Snijders (Jul 14)
- Re: deploying RPKI based Origin Validation Saku Ytti (Jul 14)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 14)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 19)