[lacnog] IX LAN Prefixes - Should I Automate a Discard?

Job Snijders job en ntt.net
Mie Ene 15 14:56:38 GMT+3 2020


Dear Douglas, others,

On Tue, Jan 14, 2020 at 02:50:58PM -0400, Douglas Fischer wrote:
> Em ter., 14 de jan. de 2020 às 14:13, Job Snijders <job en ntt.net> escreveu:
> 
> > Well, the incentives are very much aligned with the network that
> > considers the deployment: if you care about this type of problem you
> > can easily protect yourself, if you choose to not deploy RPKI OV
> > your ASN may face more outages.
>
> You are right...  And I'm on a rush to make all as the book
> recommends (almost there).
> 
> But my point is that even if my house is organized, if my neighbors'
> house is messy, some part of the Internet will still break.  And even
> if it's not my problem, my clients will make my phone ring.
> 
> What I am trying to do is create mechanisms that make it possible for
> resource-poor and low-tech ASNs to do things the right way without
> much effort.
> 
> > The depency is not correct, you can create a "route-set:" with
> > arbritary content, no "route:" objects need to exist.
> >
> > I'm snipping the rest of your email since it seems based on the
> > premise that "route:" objects need to exist.
>
> My bad! If you say, I will trust.
> 
> @edsongley en gmail.com helped-me to create an array we all the prefixes on
> https://www.peeringdb.com/api/ixpfx
> Now its easy to put it into a Route-Set.
> 
> So, what remains is to define the better Person to create this Route-Set:.

perhaps... that person is you!

> But, if some Random guy would create this "Route-Set:", I wouldn't
> trust completely on him. And if I would create it, I would be this
> Random guy, and the other ASNs will not have motivations to trust-me.
> 
> Could We expect some institution to assume this?

I think, like many great initatives, it all starts with individuals who
produce something nice that can be used by others!

One way of addressing the transparency / trust aspect is to publish the
scripts (and methodology) that generate such a route-set. This way
people can choose to either generate the "route-set:" themselves, or
use the one that we provide.

I propose that you and I work off-list on the details, and publish the
result on http://bgpfilterguide.nlnog.net and other relevant places.

Kind regards,

Job


Más información sobre la lista de distribución LACNOG