Hi, I'm in the process of adding RPKI-RTR (RFC6810) support to OpenBGPd and I am wondering about how others have implemented it.
- How is the process started ? Currently, when I start bgpd, it will fetch a list of VRP from the cache and at the same time get prefixes from its peers. As soon as it gets a VRP, it will try to validate prefixes in the RIB. The goal is to get a state as sooner as possible to apply filters if needed. The problem is I can have an unknown state in the case a prefix tries to get validated while the VRP list is not complete. The solution is to make another round of validation when I get a complete VRP list. Do you wait until you get a complete VRP list (ENDOFDATA message) before starting the validation process ? - How are subsequent validation handled ? Do you start the validation process as soon as you get a new VRP or do you wait for a refresh timer ? In the former, a prefix could stay in the wrong state for some time. I am assuming that every new prefix is validated as it arrives. Thank you in advance, Denis _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
