nanog mailing list archives
Re: RFC 9234 route leak prevention in the wild!
From: Richard Laager via NANOG <nanog () nanog org>
Date: Wed, 4 Sep 2024 21:28:58 -0500
On 2024-09-02 08:33, Job Snijders via NANOG wrote:
I'd like to share an update on RFC 9234 deployment. RFC 9234 titled "BGP Open Policy" aka the "Only-To-Customer" (OTC) BGP Path Attribute is an anti-route-leak mechanism which is *NOT* based on RPKI! (yes ... routing security is more than just RPKI! :-)
Calgary-based YYCIX deployed RFC9234 support in late 2022/early 2023 using OpenBGPD; and FranceIX deployed support using BIRD in Q2 2024. Both IXPs configured their route servers to reject BGP routes that have an OTC attribute attached, and to attach an OTC attribute when propagating routes to the Route Server's peers.
Do they have configuration snippets available anywhere?With BIRD, it looks like a global "local role rs_server;" might be all that is needed.
-- Richard
Current thread:
- RFC 9234 route leak prevention in the wild! Job Snijders via NANOG (Sep 02)
- Re: RFC 9234 route leak prevention in the wild! Richard Laager via NANOG (Sep 04)
- Re: RFC 9234 route leak prevention in the wild! Jon Lewis (Sep 05)
- Re: RFC 9234 route leak prevention in the wild! Mike Leber via NANOG (Sep 07)
- Re: RFC 9234 route leak prevention in the wild! Douglas Fischer (Sep 18)
- <Possible follow-ups>
- Re: RFC 9234 route leak prevention in the wild! Marinho Barcellos via NANOG (Sep 23)