Hi Martin, (related to a recent discussion on RIPE routing-wg ML [0])
I was wondering whether HE's bgp toolkit displays announced prefixes only or announced prefixes _AND_ prefix-origin pairs for which ROAs exits. Example: 186.182.0.0/16 announced according to RIS by one ASN: AS19037 [2] (invalid per RPKI) bgp.he.net [1] shows two announcements (one valid, one invalid) rt-bgp [3] shows one orign ASN (AS19037) (invalid) The question is: Are both announcements visible to HE (HE just sees more announcements than RIS) or is the second entry just the display of a ROA (that is not actually announced)? thanks, nusenu [0] https://www.ripe.net/ripe/mail/archives/routing-wg/2018-September/003630.html [1] https://bgp.he.net/net/186.182.0.0/16 [2] https://stat.ripe.net/widget/looking-glass#w.resource=186.182.0.0%2F16 [3] https://rt-bgp.he.net/prefix/186.182.0.0/16 Alex Band: > Hi nusenu, > > Please note that the RPKI Validator BGP Preview only shows > announcements that are “widely seen”, which in this case 5 peers or > more. Anything lower than that will not simply show up in the list, > however it may still be listed in the dump file Rene linked to. > > Cheers, > > —Alex > >> On 27 Sep 2018, at 03:07, Rene Wilhelm <[email protected]> wrote: >> >> Hi, >> >> On 9/27/18 1:11 AM, nusenu wrote: >>> Hi, I came across this particular prefix when going through big >>> RPKI unreachable blocks. prefix-routing-consistency [1] says: >>> current origin is AS2200 prefix-overview [2] says: current origin >>> is AS1942 (nlnog's LG agrees) routing-history [3] says it was >>> announced by AS220 until 2017-06-10 and is currently announced by >>> AS1942 RPKI validator's BGP Preview (using RIS): says it is >>> announced by AS1942 and is therefore invalid (ROA authorizes >>> AS2200 - not AS1942) So why does [1] say this prefix is announced >>> by AS2200? maybe it is announced by both? >> >> >> I do not know what is announced, but RIS observes the prefix with >> both origins. As the looking-glass widget states: >> >> "19 RRCs see 202 peers announcing 147.171.0.0/16 originated by 2 >> ASNs" >> >> https://stat.ripe.net/widget/looking-glass#w.resource=147.171.0.0%2F16 >> >> >> Actually, it is just one single peer on collector rrc04 (Geneva) which sees AS2200 as origin; that's why prefix-overview and routing-history >> do not show the info by default. You have to deselect 'Exclude low >> visibiliy' (prefix-overview) and 'No low visibility' >> (routing-history) options in the widgets to see it. >> >> RPKI validator's BGP Preview might be using similar logic. The >> latest RIS dump, http://ris.ripe.net/dumps/riswhoisdump.IPv4.gz >> lists 147.171.0.0/16 with both AS1942 (203 peers) and AS2200 (1 >> peer) as origin. >> >> prefix-routing-consistency widget appears to indeed have problems; >> at least in this case. It only shows a result for the route >> observed by the lowest amount of peers. >> >> >> -- Rene >> >> >> >> >> >>> btw: AS2200 and AS1942 have the same owner and AS2200 appears to >>> be the only upstream of AS1942. [1] >>> https://stat.ripe.net/widget/prefix-routing-consistency#w.resource=147.171.0.0%2F16 >>> >>> [2] https://stat.ripe.net/widget/prefix-overview#w.resource=147.171.0.0%2F16 >>> [3] >>> https://stat.ripe.net/widget/routing-history#w.resource=147.171.0.0%2F16 > >>> > -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
signature.asc
Description: OpenPGP digital signature
