nanog mailing list archives
Re: CloudFlare issues?
From: Mark Tinka <mark.tinka () seacom mu>
Date: Sun, 7 Jul 2019 19:15:11 +0200
On 6/Jul/19 22:05, Brett Frankenberger wrote:
These were more-specifics, though. So if you drop all the more-specifics as failing ROV, then you end up following the valid shorter prefix to the destination.
I can't quite recall which Cloudflare prefixes were impacted. If you have a sniff at https://bgp.he.net/AS13335#_prefixes and https://bgp.he.net/AS13335#_prefixes6 you will see that Cloudflare have a larger portion of their IPv6 prefixes ROA'd than the IPv4 ones. If you remember which Cloudflare prefixes were affected by the Verizon debacle, we can have a closer look.
Quite possibly that points at the upstream which sent you the more-specific which you rejected, at which point your packets end up same going to the same place they would have gone if you had accepted the invalid more-specific.
But that's my point... we did not have the chance to drop any of the affected Cloudflare prefixes because we do not use the ARIN TAL. That means that we are currently ignoring the RPKI value of Cloudflare's prefixes that are under ARIN. Also, AFAICT, none of our current upstreams are doing ROV. You can see that list here: https://bgp.he.net/AS37100#_graph4 Mark.
Current thread:
- Re: CloudFlare issues? Mark Tinka (Jul 04)
- Re: CloudFlare issues? i3D.net - Martijn Schmidt via NANOG (Jul 04)
- Re: CloudFlare issues? Sandra Murphy (Jul 05)
- Re: CloudFlare issues? i3D.net - Martijn Schmidt via NANOG (Jul 05)
- Re: CloudFlare issues? Sandra Murphy (Jul 05)
- Re: CloudFlare issues? Brett Frankenberger (Jul 06)
- Re: CloudFlare issues? Matt Corallo (Jul 06)
- Re: CloudFlare issues? Matt Corallo (Jul 06)
- Re: CloudFlare issues? Mark Tinka (Jul 07)
- Re: CloudFlare issues? Mark Tinka (Jul 07)
- Re: CloudFlare issues? Matt Corallo (Jul 06)
- <Possible follow-ups>
- Re: CloudFlare issues? Francois Lecavalier (Jul 04)
- Re: CloudFlare issues? Job Snijders (Jul 04)
- Re: CloudFlare issues? Ben Maddison via NANOG (Jul 04)
- Re: CloudFlare issues? Mark Tinka (Jul 04)
- RE: CloudFlare issues? Francois Lecavalier (Jul 04)
- Re: CloudFlare issues? Ben Maddison via NANOG (Jul 04)
- Re: CloudFlare issues? Job Snijders (Jul 04)
- Re: CloudFlare issues? Job Snijders (Jul 04)
- Re: CloudFlare issues? Mark Tinka (Jul 04)
- Re: CloudFlare issues? Mark Tinka (Jul 04)
- Re: CloudFlare issues? Job Snijders (Jul 04)
- Re: CloudFlare issues? i3D.net - Martijn Schmidt via NANOG (Jul 04)