On Thu, Jun 25, 2026 at 09:41:35AM -0300, Douglas Fischer wrote:

Em qui., 25 de jun. de 2026 às 09:01, Maria Matejka via Bird-users < bird-users@network.cz> escreveu:

Note: The connectivity was hotfixed by temporarily adding HE as CZ.NIC provider in ASPA, and later returned to normal (checked right now).

It makes me very sad to hear that the solution to this involved informing in ASPA HE as a provider

Well, that was a connectivity hotfix, not a permanent solution.

My greatest hope regarding ASPA is (or was) that any of the ASNs exhibiting this behavior—taking peering routes and advertising them to downstream customers as if they were part of their own customer cone—would be publicly vilified.

The real question is, how to stop big leakers from forcing everybody to approve them as their provider. And while we can point our fingers here and there, the operational reality is to keep the connectivity running.

I expect that quite a lot of these problems will disappear when IXPs deploy ASPA upstream validation and simply drop all leaks.

Until then, with the downstream validation, we play chicken.


Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.