Hi,
Having different data is obvious. I am not saying this is a problem.
Having data in one cache which will invalidate a valid prefix due to
loose consistency is a problem. It has been pointed to Alvaro that he
may indicate prefix as INVALID due to this reason.
Thx,
R..
Robert Raszuk wrote:
Hi,
If I am not mistaken there was a Randy's comment today at the mic
indicating that an AS may consider a path origin validation as INVALID
as compared to the peering AS just because the "RPKI may not be
synchronized"
Is this at all possible ? Doesn't RPKI already have been enhanced
sufficiently to avoid mis-detections even in the AS migration cases ?
you may find the first para of section 6 of draft-ietf-sidr-origin-ops
useful. to save you actually reading the draft
Like the DNS, the global RPKI presents only a loosely consistent
view, depending on timing, updating, fetching, etc. Thus, one cache
or router may have different data about a particular prefix than
another cache or router. There is no 'fix' for this, it is the
nature of distributed data with distributed caches.
rany
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
