nanog mailing list archives

Re: Re: Why do ROV-ASes announce some invalid route?

From: Lukas Tribus <lukas () ltri eu>
Date: Fri, 11 Nov 2022 14:48:49 +0100

On Fri, 11 Nov 2022 at 14:00, Christopher Morrow
<morrowc.lists () gmail com> wrote:

Also, also, possibly the output path on the session(s) here is not
filtering in an OV fashion.


ROV belongs on the input path, let's not ROV on the output towards
customers / route collectors.

Announcing bigger, ROV valid/unkown aggregates, while really routing
based on possibly ROV-invalid more specifics in the FIB is akin to
actively obscuring routing security, "cheating" your way to a RAS.


Yes, there are some very specific situations where output ROV is
beneficial (a peering box not supporting ROV and you ask your peer to
ROV their output), but let's not normalize ROV on the output path.



Thanks,
Lukas

Current thread:

Why do ROV-ASes announce some invalid route? 孙乐童 (Nov 07)
- Re: Why do ROV-ASes announce some invalid route? Job Snijders via NANOG (Nov 07)
  - Re: Re: Why do ROV-ASes announce some invalid route? 孙乐童 (Nov 10)
    - Re: Re: Why do ROV-ASes announce some invalid route? Christopher Morrow (Nov 11)
    - Re: Re: Why do ROV-ASes announce some invalid route? Lukas Tribus (Nov 11)
    - Re: Why do ROV-ASes announce some invalid route? Randy Bush (Nov 11)
    - RE: Why do ROV-ASes announce some invalid route? Zhuangshunwan via NANOG (Nov 12)
    - Re: Re: Why do ROV-ASes announce some invalid route? Christopher Morrow (Nov 13)
- Re: Why do ROV-ASes announce some invalid route? Randy Bush (Nov 07)