>> Route filters in many ISPs are created and validated nightly and
>> pushed to routers if a filter change is needed.
>> That isn't usually done in real time. It is almost always done on
>> COTS hardware (not on the router it's self).
>
> agreed, there's some cycle to update filters... the problem is that
> the source of the filter data is ... horrendous. there's no way to
> validate what you THINK should be there vs what IS there. there is no
> way to mechanically keep this data updated, to disqualify bad data and
> to use quality data.
>
> Auto-adding routes because your customer announces you a route is ...
> not a good plan. auto-adding these to the IRR which is then globally
> available and not-fixable by the actual origin is also 'bad'.
>
> we can do better, rpki provides a path to making that better. rpki is
> not all of the sidr work though.
actually, at the request of a rather large provider, the rpki data are
faked into a pseudo-irr instance which those who base filters on irr
(for example, the verio/ntt) can use. e.g.
rair.local:/Users/randy> whois -h whois.rpki.net 198.180.152.0/24
route: 198.180.152.0/24
descr: 198.180.152.0/24-24
origin: AS4128
notify: [email protected]
mnt-by: MAINT-RPKI
changed: [email protected] 20100914
source: RPKI
randy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
