This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] recording ROV enforcement
- Previous message (by thread): [db-wg] recording ROV enforcement
- Next message (by thread): [db-wg] recording ROV enforcement
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Job Snijders
job at sobornost.net
Fri Mar 3 15:43:20 CET 2023
Dear all, Speaking as individual contributor. On Fri, Mar 03, 2023 at 03:36:37PM +0200, Aleksi Suhonen via db-wg wrote: > On 2/2/23 14:57, Tomas Hlavacek via db-wg wrote: > > This brings me to the question whether there is any structured and > > machine-readable way that the networks and IXPs can use to publish > > the fact that they enforce ROV? > > No. > > > It seems that the logical place for this would be IRR and therefore > > I am off-topic here, but since I am not aware of any previous > > efforts to extend the RPSL for this particular purpose and I can > > imagine reasons against it, I was wondering if there is something > > else, possibly in the non-IRR part of the RIPE DB or somewhere else? > > I suppose one could create a boolean in PeeringDB? I feel it fits the > purpose of that database better than IRR... A few years ago such an idea was discussed in PeeringDB: https://github.com/peeringdb/peeringdb/issues/56 I still have my doubts about the usefulness of extending RPSL (or PeeringDB) for network operators to publish whether they enforce RPKI-ROV or not. I'll try to explain my reasoning: Enforcing RPKI-ROV (which I take to mean the practise of rejecting RPKI-invalid BGP routes) very much is "show, don't tell": you filter routes based on RPKI data or you don't, but the act of informing the world about the filtering is not the filtering itself. As such, the field's scope would reduce to "we intend to enforce RPKI-ROV: yes/no". But what do these intentions mean? Right now? Tomorrow? Next year? I also think a boolean data type is a poor fit for a complex topic like RPKI-ROV: it is possible a network operator uses RPKI to filter routes on some EBGP sessions but not all EBGP sessions. For example AT&T/AS 7018 applies RPKI-ROV on EBGP sessions facing their peering partners, but not facing their customers. Would they enter value '0.5' in such a field? :) It's also possible RPKI-ROV is temporarily disabled on one (not all) EBGP routers in a given network (because of some kind of software defect), causing some friction between the stated intentions and external observations. I understand the academic interest to compare observations to stated intentions, but from my perspective it feels a bit like forcing network operators to participate in a monthly survey about RPKI-ROV. Kind regards, Job
- Previous message (by thread): [db-wg] recording ROV enforcement
- Next message (by thread): [db-wg] recording ROV enforcement
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]