[NLNOG] AS3265 (XS4ALL) dropping invalid prefixes
Stavros
stavros at ams-ix.net
Tue May 21 17:42:32 CEST 2019
Hi Tim,
Well done for the good work and nice to see you using routinator for this job. I have two questions though:
- Shall I assume that you use the RTR protocol between your MX routers and routinator?
- (Speaking as an XS4ALL customer) will you notify your customers for the invalid/dropped prefixes
when you apply the policy to customer connections?
Best regards,
Stavros Konstantaras | NOC Engineer | AMS-IX
M +31 (0) 620 89 51 04 | T +31 20 305 8999
ams-ix.net <http://ams-ix.net/>
> On 21 May 2019, at 13:08, Tim Reinders <timr at xs4all.net> wrote:
>
> Hello all,
>
> AS3265 is now dropping all RPKI invalid prefixes received from (transit) peers.
>
> We run two geographically spread instances of Routinator.
> Our peering-edge consists of two MX960 routers running "JUNOS 17.4R2-S3.2”
>
> As of yet no real (customer) impact, this is reflected in the volume of traffic in
> netflow data containing RPKI invalid prefixes (pre/post reject)
>
> Remaining work is rejecting invalids on customer BGP sessions (handful) and writing
> meaningful alerts for our monitoring-stack (prometheus/alertmanager)
>
> Regards,
> Tim Reinders
> XS4ALL
> timr on #nlnog
> _______________________________________________
> NLNOG mailing list
> NLNOG at nlnog.net
> http://mailman.nlnog.net/listinfo/nlnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nlnog.net/pipermail/nlnog/attachments/20190521/f1e3602b/attachment.html>
More information about the NLNOG
mailing list