7;s to stop any other
AS other then mine from advertising my IP space. Is that correct? How
is verification done? They connect to the RIR and verify that there is
a cert signed by the RIR for my range?
On Thu, Aug 20, 2020 at 9:51 AM Fabien VINCENT (NaNOG) via NANOG
wrote:
Hi,
In fact, RP
Hi,
In fact, RPKI does nothing about AS Path checks if it's your question.
RPKI is based on ROA where signatures are published to guarantee you're
the owner of a specific prefix with optionnal different maxLength from
your ASN.
So if the question is about if RPKI is sufficient to secure the
Le 2019-07-12 17:22, Francois Lecavalier a écrit :
> Anyone knows where bgpview.io gets its data from?
>
> We have a BGP session with the routeviews project and qrator but bgpview.io
> still doesn't get the whole picture of our network.
>
> This e-mail may be privileged and/or confidential,
Le 2018-07-09 18:10, valdis.kletni...@vt.edu a écrit :
On Mon, 09 Jul 2018 15:21:31 +0200, "Fabien VINCENT (NaNOG)" said:
I think it's still used a bit ? I see today announcements over the
following OriginAS over more than 2000 peers.
as1103SURFnet bv
as1835Forsknings
Le 2018-07-06 16:43, Gary McArtor a écrit :
Hi Youssef,
My original reply wasn't sent to the Nanog list.
Team Cymru considers 2002::/16 and 192.88.99.0/24 to be legitimate
prefixes at this time, and will be not be adding them to our bogon
filters. Our interpretation of the 6to4 anycast rfc
CL.
Yeah agreee, but not usable and programmable regarding huge upstreams
values (over 100, I know hw even for smaller values that will say "my
ASIC is limited man").
On 6 March 2018 at 23:16, Fabien VINCENT (NaNOG)
wrote: Le 2018-03-06 19:39, Barry Greene a écrit :
On Mar 2
Le 2018-03-06 19:39, Barry Greene a écrit :
>> On Mar 2, 2018, at 1:53 PM, Fabien VINCENT (NaNOG)
>> wrote:
>> Hope one day the 3rd mode of uRPF will be something else than a plan ...
>> uRPF is not very usefull when multi homed. And as far as I know, multi
>> ho
Le 2018-03-02 23:11, Matthew Petach a écrit :
> On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis wrote:
>
>> OVH does not suprise me in the least.
>>
>> Maybe this is finally what it will take to get people to de-peer them.
>
> If I de-peer them, I pay my upstream to carry the
> attack traffic.
>
Le 2018-03-02 22:07, Barry Raveendran Greene a écrit :
> Hi Todd,
>
> What you are describing is uRPF VRF mode. This was phase 3 of the uRPF work.
> Russ White and I worked on it while at Cisco.
>
> Given that you are setting up prefix filters with your peers, you can add to
> the peering agr
