Re: [Sidrops] ARIN RPKI Service Impact - 12 August 2020 - manifest issue - resolved

Job Snijders <job@ntt.net> Sat, 15 August 2020 21:59 UTC

Return-Path: <job@ntt.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E3AD3A0916 for <sidrops@ietfa.amsl.com>; Sat, 15 Aug 2020 14:59:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ceTgemP2zjAi for <sidrops@ietfa.amsl.com>; Sat, 15 Aug 2020 14:59:28 -0700 (PDT)
Received: from mail4.dllstx09.us.to.gin.ntt.net (mail4.dllstx09.us.to.gin.ntt.net [128.241.192.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E5573A0915 for <sidrops@ietf.org>; Sat, 15 Aug 2020 14:59:27 -0700 (PDT)
Received: from bench.sobornost.net (218-vpn.londen03.uk.bb.gin.ntt.net [165.254.197.218]) by mail4.dllstx09.us.to.gin.ntt.net (Postfix) with ESMTPSA id 987B6EE0160; Sat, 15 Aug 2020 21:59:26 +0000 (UTC)
Received: from localhost (bench.sobornost.net [local]) by bench.sobornost.net (OpenSMTPD) with ESMTPA id d7f93f34; Sat, 15 Aug 2020 21:59:25 +0000 (UTC)
Date: Sat, 15 Aug 2020 21:59:24 +0000
From: Job Snijders <job@ntt.net>
To: sidrops@ietf.org
Cc: John Curran <jcurran@arin.net>
Message-ID: <20200815215924.GA11460@bench.sobornost.net>
References: <DE33EFAE-FBD2-478F-92A9-1FBD81CCC43F@arin.net> <CAL9jLaZoFk8qnaZHvXdNqq9vFpWG_ZhRz4f-ufy6HbKQGJ8eoA@mail.gmail.com> <EEA16680-1733-4532-9081-7520502AC0CC@arin.net> <m2lfif1uaf.wl-randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <m2lfif1uaf.wl-randy@psg.com>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/hiYGbeg_SiClBUPIpRP2_9MLP_4>
Subject: Re: [Sidrops] ARIN RPKI Service Impact - 12 August 2020 - manifest issue - resolved
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Aug 2020 21:59:29 -0000

On Sat, Aug 15, 2020 at 02:19:36PM -0700, Randy Bush wrote:
> thanks for the preliminary post mortem
> 
> > 3) Additional stringency to specs for the more common validators would
> >    help in some cases
> 
> fwiw, one dragon lab instance sra is running is so old it is rsync only,
> and so did not see the problem.
> 
> the assorted dragon labs instances i watch did not report anything.
> they quietly fell back from rrdp to rsync per spec.  this is both good
> news, things worked as expected, and bad news, they knew something went
> wrong and did not report it.

>From my observations RPKI data with a signature identifier discrepancy
was distributed both via RRDP and RSYNC. This was not a transport
protocol specific event.

A copy (made during the outage window) is available here:
http://sobornost.net/~job/arin-broken-state-20200812.tar.gz

Kind regards,

Job