On Sat, Feb 12, 2011 at 6:19 AM, Randy Bush <[email protected]> wrote: >>> Route filters in many ISPs are created and validated nightly and >>> pushed to routers if a filter change is needed. >>> That isn't usually done in real time. It is almost always done on >>> COTS hardware (not on the router it's self). >> >> agreed, there's some cycle to update filters... the problem is that >> the source of the filter data is ... horrendous. there's no way to >> validate what you THINK should be there vs what IS there. there is no >> way to mechanically keep this data updated, to disqualify bad data and >> to use quality data. >> >> Auto-adding routes because your customer announces you a route is ... >> not a good plan. auto-adding these to the IRR which is then globally >> available and not-fixable by the actual origin is also 'bad'. >> >> we can do better, rpki provides a path to making that better. rpki is >> not all of the sidr work though. > > actually, at the request of a rather large provider, the rpki data are > faked into a pseudo-irr instance which those who base filters on irr > (for example, the verio/ntt) can use. e.g. > > rair.local:/Users/randy> whois -h whois.rpki.net 198.180.152.0/24 > route: 198.180.152.0/24 > descr: 198.180.152.0/24-24 > origin: AS4128
oh lookie, someone did the join for me :) _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
