Re: AS3356 Announcing 2000::/12

2022-12-07 Thread Don Beal
That would be a nice start :-) On Thu, Dec 8, 2022 at 6:45 AM Heasley wrote: > > > Am 12/7/22 um 22:25 schrieb Don Beal : > >  > How can RPKI / OV prevent such a leak when there is no ROA for 2000::/12, > > > If all ASes participated, no „unknowns“, unknowns could be dropped, …. >

Re: AS3356 Announcing 2000::/12

2022-12-07 Thread Christopher Morrow
On Thu, Dec 8, 2022 at 1:45 AM Heasley wrote: > > > > Am 12/7/22 um 22:25 schrieb Don Beal : > >  > How can RPKI / OV prevent such a leak when there is no ROA for 2000::/12, > > > If all ASes participated, no „unknowns“, unknowns could be dropped, …. > yea that might be a tad dangerous today :(

Re: AS3356 Announcing 2000::/12

2022-12-07 Thread Heasley
Am 12/7/22 um 22:25 schrieb Don Beal :How can RPKI / OV prevent such a leak when there is no ROA for 2000::/12,If all ASes participated, no „unknowns“, unknowns could be dropped, …. what would 6762|2914|174|* invalidate against? Until a future where everything is 'valid', RPKI is unable to pare

Re: AS3356 Announcing 2000::/12

2022-12-07 Thread Don Beal
How can RPKI / OV prevent such a leak when there is no ROA for 2000::/12, what would 6762|2914|174|* invalidate against? Until a future where everything is 'valid', RPKI is unable to pare out less-specific conflicts. It does look like 3356 pulled the announcement, which is good. On Thu, Dec 8,

RE: AS3356 Announcing 2000::/12

2022-12-07 Thread Ryan Hamel
These as well: 3257 3356 3491 3356 They probably leaked a hold down route. Ryan Hamel -Original Message- From: Christopher Morrow Sent: Wednesday, December 7, 2022 8:48 PM To: r...@rkhtech.org Cc: nanog@nanog.org Subject: Re: AS3356 Announcing 2000::/12 On Wed, Dec 7, 2022 at 11:25

Re: AS3356 Announcing 2000::/12

2022-12-07 Thread Christopher Morrow
On Wed, Dec 7, 2022 at 11:25 PM Ryan Hamel wrote: > > AS3356 has been announcing 2000::/12 for about 3 hours now, an aggregate > covering over 23K prefixes (just over 25%) of the IPv6 DFZ. > > interesting that this is leaking outside supposed RPKI OV boundaries as well. For example: 6762 3356

AS3356 Announcing 2000::/12

2022-12-07 Thread Ryan Hamel
AS3356 has been announcing 2000::/12 for about 3 hours now, an aggregate covering over 23K prefixes (just over 25%) of the IPv6 DFZ. Prayers for anyone impacted, the team announcing it, and the team resolving the issue. Ryan Hamel

Re: Experiences with commercial NOS vendors in white box space

2022-12-07 Thread netops Network Operations via NANOG
Good Day Gents, Really interesting topic. Playing around few NOSes for white boxes during the last few years or so and run into A LOT of bugs, and sometimes support is awful, being unable to fix or provide solutions for pretty simple things like BGP doesn't support LLGR and it causes BGP to work