[j-nsp] Please push Juniper to implement RFC6907
Mark Tinka
mark.tinka at seacom.mu
Thu Oct 10 08:46:16 EDT 2019
On 10/Oct/19 11:29, Weber, Markus wrote:
> https://github.com/RIPE-NCC/rpki-validator-3 ...
Well, we are still on 2, as we found 3 to be just a hot mess.
> Interesting. 7018 mentioned for another prefix "2402:7500::/32.
> Our IOS-XR routers see the received as-path as '2914 9924 9924 9924
> {24158,131614}'. The relevant VRP authorizes only 24158 to originate
> 2402:7500::/32-48."
So even that isn't showing up in our validator. So either there is a
bug, or a feature, at play. I'll ask RIPE.
> Any idea how to workaround this in JunOS other than building
> filters "somewhere else"? I wouldn't know how to easily drop
> paths with AS_SET in JunOS.
No idea, but I am sure one could build a filter. However, it doesn't
strike me as an immediate benefit that this has been done across both
our peers and upstreams.
Mark.
More information about the juniper-nsp
mailing list