Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

On Wed, Jan 31, 2024 at 12:30 PM Warren Kumari wrote: > So, let's say I'm announcing some address space (e.g 192.0.2.0/24), > but I'm only using part of it internally (e.g 192.0.2.0/25). I've always > understood that it's best practice[0] to have a discard route (eg static > to null0/discard or

SOVC - BGp RPKI

Greetings Am have tried to find out what is the abbreviation for SOVC with no luck. #sh bgp ipv4 unicast rpki servers BGP SOVC neighbor is X.X.X.47/323 connected to port 323 Anyone have encountered this? Thanks!

Re: SOVC - BGp RPKI

> > I see it mentioned in this doc: > > https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-s/irg-15-s-book/irg-origin-as.pdf You see SOVC mentioned, yes. But you don't see the word 'stale'. Please don't just paste what ChatGPT says. It's not an authoritative source.

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

> On Jan 31, 2024, at 12:30, Warren Kumari wrote: > > Hey all, > > This falls into the "Somebody is wrong on the Internet …" category. Doesn’t everything eventually end up there? > So, let's say I'm announcing some address space (e.g 192.0.2.0/24 > ), but I'm only

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

On Wed, Jan 31, 2024 at 1:46 PM Warren Kumari wrote: > On Wed, Jan 31, 2024 at 3:56 PM, William Herrin wrote: >> On Wed, Jan 31, 2024 at 12:30 PM Warren Kumari wrote: >> Your router won't announce 192.0.2.0/24 unless it knows a route to >> 192.0.2.0/24 or has been configured to aggregate any

Re: NFPA 70 National Electrical Code 2026 first draft changes

On Tue, Jan 30, 2024 at 8:05 AM Jay Hennigan wrote: > On 1/29/24 16:11, Jay R. Ashworth wrote: > >> It mostly just renumbers/reorganizes the NEC. Old time electricians will > >> grumble because almost every code number changes. > > > > The NEC is included *by copy* in some state statutes, is it

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

> > It that always true? I'd started off thinking that, but a friend of mine > (yes, the same one that started this argument) convinced me that > some forms of BGP summarization/aggregation don't always generate a "local" > route… > > I'd also thought that I'd seen this when redistributing an IGP

Re: SOVC - BGp RPKI

I’m not sure what the acronym is, but I believe it’s an origin validator connection. (bap rpki server) Owen > On Jan 31, 2024, at 05:16, Mohammad Khalil wrote: > > Greetings > Am have tried to find out what is the abbreviation for SOVC with no luck. > > #sh bgp ipv4 unicast rpki servers >

Re: ru tld down?

Unrelated question, but this error made me notice: Why do they put their DNS servers in an unsigned zone? I can't figure out a good reason to do that when you have all the signing infrastructure in place. But I guess there must be a reason? Bjørn

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

Hello Warren, Speaking from my experience here. You've understood correctly. You need to create a null/blackhole route within your routing table (static routes work best as it guarantees the route exists) in order to announce the /24 supernet if you're using longer subnets (/25 to /32). The

If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

Hey all, This falls into the "Somebody is wrong on the Internet …" category. So, let's say I'm announcing some address space (e.g 192.0.2.0/24), but I'm only using part of it internally (e.g 192.0.2.0/25). I've always understood that it's best practice[0] to have a discard route (eg static to

Re: SOVC - BGp RPKI

ChatGPT says: SOVC in the context of RPKI (Resource Public Key Infrastructure) on a Cisco router stands for "Stale Origin Validation Cache". RPKI is a security framework designed to secure the Internet's routing infrastructure, primarily through route origin validation. It ensures that the

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

On Wed, Jan 31, 2024 at 3:56 PM, William Herrin wrote: > On Wed, Jan 31, 2024 at 12:30 PM Warren Kumari wrote: > > So, let's say I'm announcing some address space (e.g 192.0.2.0/24), but > I'm only using part of it internally (e.g 192.0.2.0/25). I've always > understood that it's best

Re: SOVC - BGp RPKI

I'd be curious to know why it thinks that the S is "Stale".  I don't suppose it cites its sources? Compton, Rich via NANOG wrote: ChatGPT says: SOVC in the context of RPKI (Resource Public Key Infrastructure) on a Cisco router stands for "Stale Origin Validation Cache". RPKI is a security

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

On Wed, Jan 31, 2024 at 5:20 PM, Tom Beecher wrote: > It that always true? I'd started off thinking that, but a friend of mine >> (yes, the same one that started this argument) convinced me that >> some forms of BGP summarization/aggregation don't always generate a "local" >> route… >> >> I'd

Re: SOVC - BGp RPKI

SOVC appears to be a Cisco-specific acronym and it’s pretty certain that the OVC stands for Origin Validation Cache. My best intuition based on the research I’ve been able to do is that the S stands for Secure (on the pretense that RPKI and Origin Validation have something to do with security

Re: route: 0.0.0.0/32 in LEVEL3 IRR

> > Even though it is very risky to steal resources from an organization > that can deploy a black helicopter or a nuclear warhead over you > Seems a bit dramatic. Companies all over the world have been using other people's public IPs internally for decades. I worked at a place 20 odd years ago

Re: route: 0.0.0.0/32 in LEVEL3 IRR

For many years, a large customer (telco/VOIP/ISP carrier that should have known better) of a former employer was using 11.0.0.0/8 as an extension of 10.0.0.0/8 and literally forced said employer to carry their routes to those prefixes in those tables (or lose an extremely lucrative contract).

Re: SOVC - BGp RPKI

How polite of it to apologize!! I asked Bing’s Copilot and it says SOVC stands for “Signed Object Validation Cache” but I wasn’t able to get a source for that either ☹ Oh these AI times… Warm regards, Sofía -- I am sending this email at a time that suits me and the time zone I work in.

Re: If I announce 192.0.2.0/24, do I need a discard route? (Looking for a reference…)

> On Jan 31, 2024, at 13:46, Warren Kumari wrote: > > > > > > On Wed, Jan 31, 2024 at 3:56 PM, William Herrin > wrote: >> On Wed, Jan 31, 2024 at 12:30 PM Warren Kumari > > wrote: >> >> So, let's say I'm announcing some address space (e.g

Re: SOVC - BGp RPKI

I think it hallucinated. When asked to site its sources: “I apologize for the confusion, but my response about "SOVC" in the context of RPKI on Cisco routers was based on general knowledge of RPKI and networking principles, not from a specific source. The explanation combined standard

Re: route: 0.0.0.0/32 in LEVEL3 IRR

On 01/02/2024 01:45, Tom Beecher wrote: Seems a bit dramatic. Companies all over the world have been using other people's public IPs internally for decades. I worked at a place 20 odd years ago that had an odd numbering scheme internally, and it was someone else's public space. When I asked

AWS WAF list

Hello, We found out recently that we are on the HostingProviderIPList (found here https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-ip-rep.html) at AWS and it's affecting our customers' access to various websites.  We are a datacenter, and a hosting provider, but