Re: deploying RPKI based Origin Validation

[Mark Tinka <mark.tinka () seacom mu>]

On 16/Jul/18 19:00, Paolo Lucente wrote:

> Hi Job, All,
>
> It is definitely great to see progress on the deployment side! I realize
> that there may be some gaps in the network operator toolchain, and this
> may be something i'd like to contribute to.
>
> For network operators to better understand the impact of BGP hijacks in
> terms of revenue or volumes of traffic that went missing, it makes perfect
> sense if network monitoring tools are aware of which BGP announcements
> are invalid or not.
>
> I will look into adding support for the RTR protocol (RFC 6810, RFC
> 8210) to pmacct ( https://github.com/pmacct/pmacct , http://pmacct.net/ )
> and expose the validation state through an extra field (when collecting
> routing tables) and primitive (when accounting traffic and correlating
> it with BGP data).
>
> Updating the telemetry tools to be fully aware of RPKI validation states
> should come in handy!

Sounds great, Paolo. Many thanks for this.

Mark.