Hi Randy,
On 25 Jun 2020, at 16:57, Randy Bush <randy@psg.com> wrote:
alex,
you point out a serious concern, when creating a ROA will i do damage? the way the DRL CA gooey has handled this for a decade+ is to have a full bgp dump and to compare the prospective new ROA to that dump. krill seems to be following this path. cool. what does the NCC's CA do in this space (i only use delegated, so do not see it)?
The ROA management in the RIPE NCC Portal uses these RIS dumps: http://www.ris.ripe.net/dumps/ As far as I know APNIC and LACNIC offer something similar, with the former also creating matching route objects in the same UI. Krill uses these RIS dumps too for this initial release, but we intend to evolve it over the next releases with something more real-time, as well as letting you plug in a local router feed, add tagging, staging of ROAs, warning of liberal maxLength, etc. Combined with the Prometheus monitoring we already have, it should provide a quick alerting system if problematic announcements appear. Props to DRLs pioneering work. -Alex