Hi, Quite right, Sorry about that, I missed it as I scanned the documentation - and landed on the example config..
Great to hear it's high on your roadmap :) Tim > On 21 Jun 2019, at 10:53, Maria Jan Matejka <jan.mate...@nic.cz> wrote: > > Hello! > > On 6/21/19 9:09 AM, Tim Bruijnzeels wrote: >> I am not sure if this is an artefact of my set-up, or a missing feature / >> bug in Bird. > > Yes, it is a documented missing feature in Bird, see the RPKI chapter in > documentation: > > You can validate routes (RFC 6483) using > function <cf/roa_check()/ in filter and set it as import filter at the > BGP > protocol. BIRD should re-validate all of affected routes after RPKI > update by > RFC 6811, but we don't support it yet! You can use a BIRD's client > command > <cf>reload in <m/bgp_protocol_name/</cf> for manual call of > revalidation of all > routes. > >> [...] >> >> According to RFC6811 affected prefixes MUST be re-validated when the cache >> has changes: >> https://tools.ietf.org/html/rfc6811#section-4 >> >> My work-around was to restart the sessions with peers and this forced >> re-validation. But it is not the best solution. I also loose all the routes >> temporarily. > > Use > reload in <protocolname> > after ROA is changed. > >> Is this a local issue? Did I miss something in my set-up? Or is this >> expected behaviour in Bird? If so, is supporting re-validation on the >> roadmap? > > Yes, it is even partially done, anyway it needed some internal structural > changes > inside BIRD. We know about it and we consider it better to have limited ROA > support > instead of having nothing. > > This is one of the hottest features to be done ASAP. > > Maria > developer of BIRD >
