nanog mailing list archives

Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies

From: Ben Maddison via NANOG <nanog () nanog org>
Date: Tue, 31 Mar 2020 12:46:00 +0000

On Tue, 2020-03-31 at 13:18 +0200, Mark Tinka wrote:


On 26/Mar/20 02:50, Job Snijders wrote:

Dear group,

Exciting news! Today NTT's Global IP Network (AS 2914) enabled RPKI
based BGP Origin Validation on virtually all EBGP sessions, both
customer and peering edge. This change positively impacts the
Internet
routing system.


Good man. The club is growing :-).

Quick one - do you have ROV on any IOS or IOS XE-based boxes? We've
had
to walk back the few we did in recent weeks; the thing is just
totally
broken there.

The good news is Cisco are listening to fix suggestions, and I'm
waiting
for test code to verify.

Tomorrow is our first ROV invalid = reject anniversary, and for most of
that time I have been in communications at various levels with Cisco
regarding the shocking brokenness in classic and XE.

Aside from some well meaning sounding email, crickets.

I very much hope, for the sake of the interwebs at large, that you have
more luck than me. We're are falling back to plan B, aka truck-roll.

Cheers,

Ben

Current thread:

NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Job Snijders (Mar 25)
- Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Michel Py (Mar 25)
  - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies JASON BOTHE via NANOG (Mar 25)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Tom Hill (Mar 26)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Brandon Butterworth (Mar 26)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Tom Hill (Mar 26)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Jared Mauch (Mar 26)
- Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies L Sean Kennedy (Mar 26)
- Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Alex Band (Mar 26)
- Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Mark Tinka (Mar 31)
  - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Ben Maddison via NANOG (Mar 31)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Mark Tinka (Mar 31)
  - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Dorian Kim (Mar 31)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Mark Tinka (Mar 31)
    - Re: NTT/AS2914 enabled RPKI OV 'invalid = reject' EBGP policies Mark Tinka (Mar 31)