This is the tool we're using at IX Denver:
https://arouteserver.readthedocs.io/en/latest/index.html
RPKI is currently turned off at IX Denver. Doug,If you're interested
then I'll unicast you the output of the script. It's a bit large for
the list.
On Wed, Dec 13, 2017 at 2:46 PM, Doug McIntyre <[log in to unmask]> wrote:
> On Fri, Dec 08, 2017 at 11:06:50PM -0600, Richard Laager wrote:
>>
>> Zero length is a subset of “doesn’t start with their AS”, so if we filter
>> on that condition, hopefully we will catch that too.
>
>
>
> BIRD is probably the best tool for the job for doing the import BGP
> filtering for
> conditions based on either AS Path = 0 or start with their AS.
> It sounds like people want the BGP import function to change to include
> something like
>
> function route_import(int asn)
> {
> ....
> if bgp_path.first != asn then return false;
> if bgp_path.len > 25 then return false;
> if bgp_next_hop != from then return false;
> return true;
> }
>
> Are there other conditions that should be filtered on? (this is taken
> mostly from Ondřej Surý's examples).
>
> As for doing RPKI, it looks like BIRD v2.0 supports that in some fashion,
> but that
> would have to be tested out in a lab. How many members would have an ROA
> already?
>
>
>
> --
> Doug McIntyre <[log in to unmask]>
> ~.~ ipHouse ~.~
> Network Engineer/Provisioning/Jack of all Trades
--
Jay Hanke
CTO
Neutral Path Communications
3 Civic Center Plaza, Suite 204
Mankato, MN 56001
(507) 327-2398 mobile
[log in to unmask]
www.neutralpath.net
