[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Is BGP safe yet?" test

Subject: "Is BGP safe yet?" test
From: nanog at as397444.net (Matt Corallo)
Date: Tue, 21 Apr 2020 09:11:50 -0700
In-reply-to: <[email protected]>
References: <[email protected]>

Right until RIPE finishes deploying AS0 ROAs for bogons, which I recall is moving forward :p.

> On Apr 21, 2020, at 03:01, Mark Tinka <mark.tinka at seacom.mu> wrote:
> 
> ï»¿
> 
>> On 21/Apr/20 08:51, Matt Corallo via NANOG wrote:
>> 
>> Instead of RIRs coordinating address space use by keeping a public list which is (or should be) checked when a new peering session is added, RPKI shifts RIRs into the hot path of routing updates. Next time the US government decides some bad, bad, very bad country should be cut off from the world with viral sanctions, thereâ??s a new tool available - by simply editing a database, every border router in the world will refuse to talk to $EVIL.
> 
> This keeps coming up.
> 
> If a ROA disappears, RPKI state reverts to NotFound. Unless dropping
> "NotFound" is now BCP, I think we'll be okay.
> 
> Mark.

References:
- "Is BGP safe yet?" test
  - From: mark.tinka at seacom.mu (Mark Tinka)

Prev by Date: "Is BGP safe yet?" test
Next by Date: "Is BGP safe yet?" test
Previous by thread: "Is BGP safe yet?" test
Next by thread: "Is BGP safe yet?" test
Index(es):
- Date
- Thread