neighbor rpki strict intended behavior #20872
Unanswered
captainark
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi!
I've been looking into setting up RPKI validation, and, after configuring 2 routinator instances as RPKI cache servers for FRR, I noticed that RPKI invalid routes would get passed to the FIB on FRR startup. A soft clear was then enough to drop those routes.
I then configured this option which fixed this issue on startup.
However, from my understanding, this would require at least one RPKI cache to have been fetched for the BGP sessions to come up.
To test this, I stopped my 2 routinator instances and restarted FRR. After the startup, the BGP session came up immediately.
Is this the intended behavior for this option?
Beta Was this translation helpful? Give feedback.
All reactions