ASPA result when ASPA table is empty? (disconnected or 0 entries supplied)
Alarig Le Lay
alarig at swordarmor.fr
Mon Apr 14 16:56:16 CEST 2025
Hello,
On Mon 14 Apr 2025 15:57:48 GMT, Jeroen Massar via Bird-users wrote:
> If we simply define:
>
> ```
> aspa table aspas;
> ```
>
> and then call a `aspa_check(aspas, ...., ...)` then I sometimes
> receive a ASPA_VALID back, especially for paths with only 1 ASN.
>
> This, while that table is really empty.
The RFC wording isn’t 100% clear, but it’s exepected:
https://www.ietf.org/archive/id/draft-ietf-sidrops-aspa-verification-22.html#name-as_path-verification
TL;DR: if the path lenght is one, and the peer AS equals the AS path,
then it’s a valid ASPA path.
--
Alarig
More information about the Bird-users
mailing list