On 19/03/2021 10:06, Ben Maddison via routing-wg wrote:
Hi Nathalie,
On 03/18, Nathalie Trenaman wrote:
Dear Colleagues, Working Group,
As discussed previously in this mailing list, some community members expressed that they would like to see the RIPE NCC perform Route Origin Validation on AS3333. We decided to ask the community for advice and guidance on how we should proceed.
What is Route Origin Validation? Route Origin Validation is a mechanism by which route advertisements can be authenticated as originating from an expected autonomous system (AS). The best current practice is to drop RPKI invalid BGP announcements. These are announcements that conflict with the statement as described in a Route Origin Authorization (ROA).
I believe that you have hit the nail on the head here: dropping ROV Invalids has (IMO) now become the best practice for operators of all sizes. It is no longer some experimental technique for academics and people that live at the bleeding edge.
We wouldn't have the same debate about dropping martians, right?
I am not sure it is possible, but I would love to see some centralized site where all dropped ROV invalids would appear. This way I can see if I have a problem as well as if someone tried to hijack my space but was thwarted by the drop. Regards, Hank Caveat: The views expressed above are solely my own and do not express the views or opinions of my employer