nanog mailing list archives
Re: "Is BGP safe yet?" test
From: Denys Fedoryshchenko <nuclearcat () nuclearcat com>
Date: Mon, 20 Apr 2020 21:36:28 +0300
There is simple use case that will prove this page is giving false positive
for their "name&shame" strategy.Any AS owner with default route only (yes it happens a lot) users will get:
"YOUR ISP TERRIBLE, HIS BGP NOT SAFE!". But he have nothing to validate! His BGP is implemented safely, its just his upstream is not validating routes. On 2020-04-20 21:21, Andrey Kostin wrote:
Mark Tinka писал 2020-04-20 12:57:On 20/Apr/20 18:50, Tom Beecher wrote:I (and Ben, and a few others) are all too familiar with the ARIN madnessaround their TAL. Simple - we just don't accept it, which means our networks will beunsafe against North American resources. Highly doubtful my organizationis that interested in how the ARIN region may or may not impact ourinterest in deploying RPKI on this side of the planet, when the rest ofthe world are less mad about it :-).So this means that there is no single source of truth for PRKI implementation all around the world and there are different shades, right? As a logical conclusion, the information provided on that page may be considered incorrect in terms of proclaiming particular network safe or not safe, but when it's claimed (sometimes blatantly) we now have to prove to our clients that we are not bad guys. Kind regards, Andrey
Current thread:
- Re: "Is BGP safe yet?" test, (continued)
- Re: "Is BGP safe yet?" test Randy Bush (Apr 21)
- Re: "Is BGP safe yet?" test Mark Tinka (Apr 21)
- Re: "Is BGP safe yet?" test Randy Bush (Apr 21)
- Re: "Is BGP safe yet?" test Cummings, Chris (Apr 20)
- Re: "Is BGP safe yet?" test Tom Beecher (Apr 20)
- Re: "Is BGP safe yet?" test Mark Tinka (Apr 20)
- Re: "Is BGP safe yet?" test Tom Beecher (Apr 20)
- Re: "Is BGP safe yet?" test Mark Tinka (Apr 20)
- Re: "Is BGP safe yet?" test Andrey Kostin (Apr 20)
- Re: "Is BGP safe yet?" test Denys Fedoryshchenko (Apr 20)
- Re: "Is BGP safe yet?" test Rubens Kuhl (Apr 20)
- Re: "Is BGP safe yet?" test Denys Fedoryshchenko (Apr 20)
- Re: "Is BGP safe yet?" test Andrey Kostin (Apr 20)