nanog mailing list archives

Re: Illegal usage of AS51888 (and PI 91.220.85.0/24) from AS42989 and AS57954 (in ukraine)


From: Christopher Morrow <morrowc.lists () gmail com>
Date: Fri, 3 May 2013 17:42:08 -0400

On Fri, May 3, 2013 at 2:21 PM, Nick Hilliard <nick () foobar org> wrote:

On 03/05/2013 19:08, Christopher Morrow wrote:
hopefully it won't involve people being brave :) hopefully good
measurement and metrics lead us to a position where things 'just work'
and we can do it with confidence! :)

dropping prefixes means that you're ok about not having reachability to a
prefix if its roa pops up as "unknown".  This could be because the prefix
holder hasn't bothered to register their prefix in the rpki (i.e.
sloppiness), or it could be because the ROA has been revoked for some
reason (e.g. because of hijacking).  For sure, a router can't tell the
difference.


right, in the ideal tomorrow-tomorrow-land ... this all is part of turnup
and the timelines associated with propagation/etc are all known and
accounted for. Additionally, the systems involved are all well understood
and redundant/resilient/etc.

in short, in the tomorrow-tomorrow-land... this all just works as we
expect/want, and the only 'unknown' are actually 'invalid'.


From a deployment point of view, there's a pretty big gap between poking
around with rpki and actually dropping prefixes on your routers.  I don't
see that the rpki data will be good enough for the latter any time soon,
but maybe one day.


right, no problem with this.



Nick
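
The point raised in the thread, that a router cannot tell a never-registered prefix from one whose ROA was revoked, shown as an added example that is not part of the original message. It implements RFC 6811 origin validation over a constructed set of validated ROA payloads; the state the thread calls "unknown" is NotFound in RFC 6811, and the prefixes, ASNs and the `accepted` policy helper are assumptions using documentation values.

```python
import ipaddress

# Constructed VRPs (validated ROA payloads): (prefix, max length, origin ASN).
# Documentation prefixes and ASNs only, not real routing data.
VRPS = [
    ("192.0.2.0/24", 24, 64496),
    ("203.0.113.0/24", 24, 64497),
]

def validate(route_prefix, origin_asn, vrps):
    """RFC 6811 origin validation: 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp_prefix, max_len, vrp_asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        # A VRP covers the route if the route is equal to or inside its prefix.
        if route.version != vrp_net.version or not route.subnet_of(vrp_net):
            continue
        covered = True
        # AS0 in a VRP never matches any origin.
        if vrp_asn != 0 and origin_asn == vrp_asn and route.prefixlen <= max_len:
            return "valid"
    # Covered but no match is 'invalid'; no covering VRP at all is 'not-found'.
    return "invalid" if covered else "not-found"

def accepted(state, drop_not_found):
    """Hypothetical import policy: always reject 'invalid', optionally 'not-found'."""
    if state == "invalid":
        return False
    return not (state == "not-found" and drop_not_found)

def demo():
    """Compare a never-registered prefix with one whose ROA is withdrawn."""
    never_registered = validate("198.51.100.0/24", 64511, VRPS)
    before = validate("192.0.2.0/24", 64496, VRPS)
    # Constructed revocation: the VRP for 192.0.2.0/24 disappears from the set.
    after_revocation = [v for v in VRPS if v[0] != "192.0.2.0/24"]
    after = validate("192.0.2.0/24", 64496, after_revocation)
    return never_registered, before, after

if __name__ == "__main__":
    for label, state in zip(("never registered", "ROA present", "ROA revoked"), demo()):
        print(f"{label:17} {state:10} accepted when dropping not-found: "
              f"{accepted(state, drop_not_found=True)}")
```

With `drop_not_found=True` the revoked and the never-registered routes are rejected identically, which is the reachability cost described in the message.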



