[DBWG] route-object auto-created from a ROA

Amreesh Phokeer amreesh at afrinic.net
Wed Oct 10 06:33:17 UTC 2018 

Hi Avinash,

Thanks for starting this discussion. We had an internal discussion about which way (IRR->ROAs or ROAs -> IRR) would be best.

IMO, creating route objects from the current MyAFRINIC ROA interface doesn’t seem to be practical, as a ROA can contain several prefixes (v4 and/or v6) + max length. We can have a section on MyAFRINIC where the user can manage all IRR objects related to the resources the member holds. During creation of a route(6) object, if the member’s RPKI engine is activated, an option to create a ROA appears, the user ticks the “Create ROA” checkbox and both route objects and the ROAs are generated. Similarly, when a route object is deleted, the equivalent ROA is revoked. 

Caveats to be dealt with:
- ROAs have additional information such as start and end dates and max length, route objects have prefix-length only.
- ROAs cannot be modified, they can only be revoked
- Route objects do not have max-length i.e. the max-length in the ROA should be set equal to the prefix-length to match the route object

Thoughts?

--
Amreesh

> On 10 Oct 2018, at 10:15, Job Snijders <job at ntt.net> wrote:
> 
> Dear Avinash and working group,
> 
> On Fri, 5 Oct 2018 at 15:59, Avinash GOKHOOL <avinash at afrinic.net> wrote:
> We have received a request from a member asking to have the possibility
> of creating corresponding route objects from their ROAs.
> 
> While this is technically possible, it is not really the normal way of
> adding authoritativeness to BGP announcements. You would normally create
> your route objects and then issue ROAs according to the announcements.
> 
> We would like to have your input with regards to the added value that
> such a tool would provide to members.
> 
> Please feel free to share your ideas and concerns.
> 
> 
> The semantics of RPKI ROAs place a ROA at a higher precedence then an IRR route object.
> 
> NTT already considers RPKI ROAs as if they are IRR route objects.
> 
> I am a proponent of this suggestion and think this will positively impact the AFRINIC resource holders.
> 
> Kind regards,
> 
> Job
> _______________________________________________
> DBWG mailing list
> DBWG at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/dbwg

More information about the DBWG mailing list