RPKI / roa_check() question - BIRD 2.0.2
Jan Maria Matějka
jan.matejka at nic.cz
Wed Apr 11 19:09:41 CEST 2018
The bgp_path.last_nonaggregated attribute should help you. Don't have user manual right now here, writing from my phone, just trying to recall it from my memory.
Maria
Quidquid latine dictum sit, altum videtur.
-----Original Message-----
From: Radu Anghel <radu.anghel at xindi.ro>
To: bird-users at network.cz
Sent: Wed, 11 Apr 2018 6:34 PM
Subject: RPKI / roa_check() question - BIRD 2.0.2
Hello,
I have found this while doing RPKI validation:
net = 94.127.104.0/21
bgp_path = 48112 6830 174 13110 {30884 65004 65005}
BGP.aggregator: 10.253.27.1 AS13110 (don't know how to read this from a var)
roa_check(rpki4, net, bgp_path.last) returns ROA_INVALID because BIRD
thinks bgp_path.last = 0
There is a valid ROA for 94.127.104.0/21 and AS13110, so I guess the
validation should be done on the aggregator AS.
Could you tell me what is the corect way to handle this?
TIA,
Radu
More information about the Bird-users
mailing list