BIRD 3.2.1, 3.1.6, 2.18.1, and 2.17.4 released
Maria Matejka
maria.matejka at nic.cz
Wed Apr 8 15:32:33 CEST 2026
Hello Ondřej,
> On 05/04/2026 21:10, Maria Matejka via Bird-users wrote:
> > There is the ASPA fix you are waiting for, fixing broken downstream
> > validation. Thanks for reporting and contributing; that was a stupid
> > mistake. More on that hopefully at RIPE 92 in Edinburgh.
>
> Looking forward for that presentation.
I hope that it's gonna be a banger.
> The not so good news is that is marks some unknown paths as valid. I peeked
> into the source code again and thanks to the extensive documentation, it is
> obvious where the error is and why it manifests on paths like this one:
>
> 1.1.1.0/24 unicast [peer_as3333_eqix3_v4 2026-04-07] * (100)
> [AS13335i]
> bgp_path: 3333 13335
> valid_roa: 1
> valid_aspa: 1
I'm very convinced that this is indeed downstream valid. It's upstream
unknown for sure if none has ASPA signed, but downstream definitely
valid. These two ASNs are the two apexes and it may be just a lateral
peering between them.
Actually, by definition, all 2-ASN paths should be downstream valid, as
both min_down_ramp and min_up_ramp are at least one, which sums to 2.
I hope this makes sense.
Thank you for checking!
Maria
--
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20260408/4b8d99a0/attachment.htm>
More information about the Bird-users
mailing list