[sidr] Some test results of ROA issuing for sharing
"Yu Fu" <fuyu@cnnic.cn> Wed, 23 September 2015 01:21 UTC
Return-Path: <fuyu@cnnic.cn>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7F181B3075 for <sidr@ietfa.amsl.com>; Tue, 22 Sep 2015 18:21:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.089
X-Spam-Level:
X-Spam-Status: No, score=0.089 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TAB36PEnt-bp for <sidr@ietfa.amsl.com>; Tue, 22 Sep 2015 18:21:23 -0700 (PDT)
Received: from cnnic.cn (smtp13.cnnic.cn [218.241.118.13]) by ietfa.amsl.com (Postfix) with ESMTP id 3BBD41B306E for <sidr@ietf.org>; Tue, 22 Sep 2015 18:21:21 -0700 (PDT)
Received: from LIUXD (unknown [218.241.103.52]) by ocmail02.zx.nicx.cn (Coremail) with SMTP id AQAAf0CJkCyN_gFWhrWoAA--.30983S3; Wed, 23 Sep 2015 09:21:17 +0800 (CST)
From: Yu Fu <fuyu@cnnic.cn>
To: sidr@ietf.org
Date: Wed, 23 Sep 2015 09:21:26 +0800
Message-ID: <000901d0f59e$2b696630$823c3290$@cn>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_000A_01D0F5E1.398CA630"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AdD1nirYXGIDMjEdRju+7n+VIhhEdA==
Content-Language: zh-cn
X-CM-TRANSID: AQAAf0CJkCyN_gFWhrWoAA--.30983S3
X-Coremail-Antispam: 1UD129KBjvJXoW7KF48Zr4DtF4Uur48Jry7ZFb_yoW8JFy3pr W3K3ZxJr4vqF47ZrW8Aw1jqw1FvFn8tw47urWDK3409rsxCryDJrW0gF48Ca4DXFykGrsr XF4j9F98JrW5XaDanT9S1TB71UUUUU7qnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUBqb7Iv0xC_Kw4lb4IE77IF4wAFF20E14v26r1j6r4UM7CY07I2 0VC2zVCF04k26cxKx2IYs7xG6rWj6s0DM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rw A2F7IY1VAKz4vEj48ve4kI8wA2z4x0Y4vE2Ix0cI8IcVAFwI0_Ar0_tr1l84ACjcxK6xII jxv20xvEc7CjxVAFwI0_Cr0_Gr1UM28EF7xvwVC2z280aVAFwI0_Gr1j6F4UJwA2z4x0Y4 vEx4A2jsIEc7CjxVAFwI0_Gr1j6F4UJwAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40E b7x2x7xS6ryj6rWUMc02F40E57IF67AEF4xIwI1l5I8CrVAKz4kIr2xC04v26r4j6ryUMc 02F40E42I26xC2a48xMcIj6xIIjxv20xvE14v26r1j6r18McIj6I8E87Iv67AKxVWUJVW8 JwAm72CE4IkC6x0Yz7v_Jr0_Gr1lF7xvr2IYc2Ij64vIr41lc2xSY4AK67AK6w4l42xK82 IYc2Ij64vIr41l4I8I3I0E4IkC6x0Yz7v_Jr0_Gr1lx2IqxVAqx4xG67AKxVWUGVWUWwC2 0s026x8GjcxK67AKxVWUGVWUWwC2zVAF1VAY17CE14v26r1j6r15MIIYrxkI7VAKI48JMI IF0xvE2Ix0cI8IcVAFwI0_Jr0_JF4lIxAIcVC0I7IYx2IY6xkF7I0E14v26r1j6r4UMIIF 0xvE42xK8VAvwI8IcIk0rVWrZr1j6s0DMIIF0xvEx4A2jsIE14v26r1j6r4UMIIF0xvEx4 A2jsIEc7CjxVAFwI0_Jr0_GrUvcSsGvfC2KfnxnUUI43ZEXa7IU5qdgtUUUUU==
X-CM-SenderInfo: pix13q5fqqxugofq/
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/CDBz_QXpNHYaZ_KmwHwrLQnkA00>
Subject: [sidr] Some test results of ROA issuing for sharing
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 01:21:26 -0000
Hi all, We have done some tests for the ROA issuing based on the software of RPKI.NET in our lab. We'd like to share our test results in the mailing list for discussion. The tests are grouped into three cases: 1) Issue the ROAs for different ASNs in the same file for the same IP Prefix: e.g. AS1->IP Prefix1 AS2->IP Prefix1 The test results show that it can issue different ROAs for different ASNs in the same file. It will create ROAs separately based on the different AS numbers for the same IP Prefix. There is no problem for this case. 2) Reissue the ROAs for the same ASN repeatedly e.g. We have issued ROA1 for AS1-> IP Prefix1 five minutes ago We are issuing ROA2 for AS1->IP Prefix2 now The test results show that ROA2 will overwrite the original ROA1 unless reissue the ROA1 again companied with ROA2 at the same time. 3) Issue different ROAs for the same AS in a file e.g. AS1->IP Prefix1 AS1->IP Prefix2 The test results show that it will merge these two ROAS into one ROA for issuing. There is no problem for this case. As the second case is a problem for the ROA issuing, we think it is a bug for the software of the RPKI.net or improve the RPKI protocol to avoid this problem. Opinions? Comments are welcome. Cheers Yu ------------------------------------------- Yu Fu fuyu@cnnic.cn