On Sat 10 Oct 2020 22:05:45 GMT, Fabiano D'Agostino wrote: > How does roa_check(roa_table,net,bgp_path.last) work? > Having such a ROA as example: > origin AS: 64513 > prefix: 78.150.40.0/20 > max mask: 24 > > and a BGP announcement: > origin AS: 64514 > prefix: 78.150.45.0/22 > > so it's as invalid, but how does this check work? > roa_table: validated roa record (validated cache) > net: should be the current prefix so 78.150.45.0/22 > what is bgp_path.last and how does roa_check function do the check? > > Thanks, > > Fabiano
I don’t know how you endded up to this data, but the /20 should be 78.150.40.0/20 and the /22 78.150.45.0/22. Also 64513 is a private ASN, so announcing public space from a private ASN will be invalid, whatever you try to do. -- Alarig
