nanog mailing list archives
RE: deploying RPKI based Origin Validation
From: Michel Py <michel.py () tsisemi com>
Date: Thu, 19 Jul 2018 19:47:40 +0000
Mark Tinka wrote : but I want to be cautious about encouraging a parallel stream that slows down the deployment of RPKI.
I understand that; if there is an easier way to do RPKI, people are going to use it instead of the right way. However, I think that the blacklist targets a different kind of customer : the end user. We want the enterprise to certify their prefixes with RPKI and put pressure on their upstreams to deploy it, the more noise we make the better. What I want is my upstreams to give me a clean routing tables without invalids, but it does not happen so in the meantime I'm trying to do what I can with my limited resources.
We generally use typical service provider routers to deliver services. So I'm not sure whether the 3900's you run support it or not.
The picture from the enterprise is quite different. There is a lot of stuff out there that does not get upgraded, that is not even under a maintenance contract to get the new software, or that is on EOL/EOS hardware. Michel. TSI Disclaimer: This message and any files or text attached to it are intended only for the recipients named above and contain information that may be confidential or privileged. If you are not the intended recipient, you must not forward, copy, use or otherwise disclose this communication or the information contained herein. In the event you have received this message in error, please notify the sender immediately by replying to this message, and then delete all copies of it from your system. Thank you!...
Current thread:
- Re: deploying RPKI based Origin Validation, (continued)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 18)
- RE: deploying RPKI based Origin Validation Michel Py (Jul 17)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 18)
- RE: deploying RPKI based Origin Validation Michel Py (Jul 18)
- Re: deploying RPKI based Origin Validation Job Snijders (Jul 18)
- RE: deploying RPKI based Origin Validation Michel Py (Jul 18)
- Re: deploying RPKI based Origin Validation Randy Bush (Jul 18)
- Re: deploying RPKI based Origin Validation Job Snijders (Jul 18)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 18)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 18)
- RE: deploying RPKI based Origin Validation Michel Py (Jul 19)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 19)
- Message not available
- Re: deploying RPKI based Origin Validation Job Snijders (Jul 27)
- Re: deploying RPKI based Origin Validation Alex Band (Jul 27)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 13)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 13)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 13)
- Re: deploying RPKI based Origin Validation Job Snijders (Jul 14)
- Re: deploying RPKI based Origin Validation Saku Ytti (Jul 14)
- Re: deploying RPKI based Origin Validation Mark Tinka (Jul 14)