the semantics of AS0 in ROAs
Christoph
cm at appliedprivacy.net
Sat Oct 5 13:30:00 CEST 2019
>> As I understand it BIRD's ROA check as seen in the
>> documentation will return a RPKI validity state of VALID
>> if the last AS_PATH item was of type AS_SET and the
>> address holder created a ROA with AS0 for it.
>
> That is a good point, but the ROA check verifies that ASN is non-zero
> in order to success:
>
> if (asn && (roa->asn == asn) && (roa->max_pxlen >= px->pxlen))
> return ROA_VALID;
>
> So it should be correct.
>
I assume 'asn' is the equivalent of 'bgp_path.last' there.
Thanks for getting back to me and verifying that there
is no issue so fast, really appreciated!
More information about the Bird-users
mailing list