nanog mailing list archives

Re: RPKI unknown for superprefixes of existing ROA ?

From: Job Snijders via NANOG <nanog () nanog org>
Date: Sun, 22 Oct 2023 19:44:59 +0200

On Sun, 22 Oct 2023 at 19:35, Owen DeLong <owen () delong com> wrote:

Actually, Job, the 1.2.0/20 would be the longest prefix announced for
1.2.4/24 and 1.2.7/24 in this case. It’s a rather clever end-run. The /20
won’t match the more specific as0 ROAs, so it gets accepted. The /24s
either aren’t advertised or they get discarded as invalid.



You wouldn’t create AS 0 ROAs if you want to announce the IP space pull
traffic into the discard filters on your edge.

Kind regards,

Job

Current thread:

Re: RPKI unknown for superprefixes of existing ROA ?, (continued)
- - - Re: RPKI unknown for superprefixes of existing ROA ? Job Snijders via NANOG (Oct 22)
    - Re: RPKI unknown for superprefixes of existing ROA ? Owen DeLong via NANOG (Oct 24)
    - Re: RPKI unknown for superprefixes of existing ROA ? Job Snijders via NANOG (Oct 24)
    - Re: RPKI unknown for superprefixes of existing ROA ? Randy Bush (Oct 24)
    - Re: RPKI unknown for superprefixes of existing ROA ? Owen DeLong via NANOG (Oct 25)
    - Re: RPKI unknown for superprefixes of existing ROA ? Owen DeLong via NANOG (Oct 24)
    - Re: RPKI unknown for superprefixes of existing ROA ? Tom Beecher (Oct 24)
    - Re: RPKI unknown for superprefixes of existing ROA ? Job Snijders via NANOG (Oct 22)
    - Re: RPKI unknown for superprefixes of existing ROA ? Rubens Kuhl (Oct 22)
    - Re: RPKI unknown for superprefixes of existing ROA ? Owen DeLong via NANOG (Oct 22)
    - Re: RPKI unknown for superprefixes of existing ROA ? Job Snijders via NANOG (Oct 22)