ChatGPT says: SOVC in the context of RPKI (Resource Public Key Infrastructure) on a Cisco router stands for "Stale Origin Validation Cache". RPKI is a security framework designed to secure the Internet's routing infrastructure, primarily through route origin validation. It ensures that the Internet number resources (like IP addresses and AS numbers) are used by the legitimate owners or authorized AS (Autonomous System). In RPKI, Route Origin Authorizations (ROAs) are used to define which AS is authorized to announce a specific IP address block. Network devices, like Cisco routers, use these ROAs to validate the authenticity of BGP (Border Gateway Protocol) route announcements. The term "stale" in SOVC refers to a situation where the router's RPKI-to-Router protocol client has lost its connection to the RPKI server, or when the RPKI cache data is outdated and not refreshed for some reason. This can happen due to network issues, configuration errors, or problems with the RPKI server itself. When the RPKI cache is stale, the router cannot reliably validate BGP route announcements against the latest ROA data, potentially affecting routing decisions. In a network security context, maintaining an up-to-date RPKI cache is crucial for ensuring that the network only accepts legitimate routing announcements, thereby reducing the risk of routing hijacks or misconfigurations. As a network security engineer, managing and monitoring the RPKI status on routers is an important aspect of ensuring network security and integrity.
I see it mentioned in this doc: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-s/irg-15-s-book/irg-origin-as.pdf From: NANOG <[email protected]> on behalf of Mohammad Khalil <[email protected]> Date: Wednesday, January 31, 2024 at 10:35 AM To: NANOG list <[email protected]> Subject: SOVC - BGp RPKI Greetings Am have tried to find out what is the abbreviation for SOVC with no luck. #sh bgp ipv4 unicast rpki servers BGP SOVC neighbor is X. X. X. 47/323 connected to port 323 Anyone have encountered this? Thanks! Greetings Am have tried to find out what is the abbreviation for SOVC with no luck. #sh bgp ipv4 unicast rpki servers BGP SOVC neighbor is X.X.X.47/323 connected to port 323 Anyone have encountered this? Thanks!
