<WARN> xxxx.ipv4: Automatic RPKI reload not active for import

[Maria Matejka]

Hello!

On Fri, Sep 06, 2024 at 10:18:34PM +0900, ushiroz at ate-mahoroba.jp wrote:

> The warning log is outputting something like “<WARN> xxxx.ipv4: Automatic RPKI reload not active for import”.
> 
> I am using roa_check() and rpki_reload switch is set to default (on).
> 
> The help page on “rpki reload switch” says that the BGP channel requires import table for automatic reload, so I am aware that if I add the definition of “import table on”, this warning will no longer appear.
> 
> However, in the help section on “import table switch
> Note that currently the import table breaks routes with recursive nexthops (e.g. ones from IBGP, see gateway recursive (p. 47)), they are not properly updated after next hop change.
> and we have not been able to fully determine the contents of this message.

This applies to the import table contents where the recursive nexthops
don't get updated properly. The main table contents is not affected.

Therefore you can use import table, the only problem will be that if you
show routes from the import table, you should disregard what is shown as
the local nexthop.

> Is there any way around this warning other than “import table switch”?

You can switch off rpki autoreload but this is not recommended at all.
It's better to enable the import table.

Happy routing!

Maria

-- 
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20240906/7ef841a9/attachment.htm>