On Sat, 14 May 2022 at 00:17, Jakob Heitz (jheitz) wrote:
Hey Jakob,
> 'RPKI-tested-only' will store all routes that encounter a 'validation-state'
> test
> in the inbound route policy. In that case, when an RPKI server updates a VRP
> to the
> router, it can re-run the inbound policy from the
On 14/05/2022 00:16, Jakob Heitz (jheitz) via NANOG wrote:
'RPKI-dropped-only' causes the dropped routes to be stored. This will prevent
the unnecessary route-refreshes described above. It does not prevent all
route-refreshes, but uses significantly less memory than 'RPKI-tested-only'
Regards,
Not sure if you have this already, but their phone number is +1
866-899-8998.
On Tue, May 10, 2022 at 10:41 AM Mark Stevens wrote:
> Verizon Wireless had a serious 4G/LTE issue affecting the Thingspace
> product that cause a complete outage for many of our customers.
> It would be greatly apprec
Hank Nussbacher wrote on 14/05/2022 19:15:
In the end, the reason for all this RPKI-thingy is to prevent route
spoofing by malicious actors.
a malicious actor will spoof the origin AS. The aim of RPKI to help
stop mis-origination of prefixes, and the root cause of most of this is
accidental.
> In the end, the reason for all this RPKI-thingy is to prevent route
> spoofing by malicious actors.
sigh. for my quarterly posting of the same many year old text
To be clear, as people keep calling BGP security 'RPKI',
RPKI
The RPKI is an X.509 based hierarchy [RFC 6481] which is con
5 matches
Mail list logo
