From 88ae0edd07fa9cf92a6cacdf9851f5ad09ed3f80 Mon Sep 17 00:00:00 2001 From: Christoffer Date: Sat, 5 Jan 2019 22:38:45 +0000 Subject: [PATCH] BUG: fix roagenerator to be compliant with RFC 6483 section 4. Changed maxlength to be either 32 (v4) or 128 (v6) when AS0 is set as origin ASN. """ 4. Disavowal of Routing Origination A ROA is a positive attestation that a prefix holder has authorized an AS to originate a route for this prefix into the inter-domain routing system. It is possible for a prefix holder to construct an authorization where no valid AS has been granted any such authority to originate a route for an address prefix. This is achieved by using a ROA where the ROA's subject AS is one that must not be used in any routing context. Specifically, AS 0 is reserved by the IANA such that it may be used to identify non-routed networks [IANA-AS]. A ROA with a subject of AS 0 (AS 0 ROA) is an attestation by the holder of a prefix that the prefix described in the ROA, and any more specific prefix, should not be used in a routing context. The route validation procedure, described in Section 2, will provide a "valid" outcome if any ROA matches the address prefix and origin AS, even if other valid ROAs would provide an "invalid" validation outcome if used in isolation. Consequently, an AS 0 ROA has a lower relative preference than any other ROA that has a routable AS as its subject. This allows a prefix holder to use an AS 0 ROA to declare a default condition that any route that is equal to or more specific than the prefix to be considered "invalid", while also allowing other concurrently issued ROAs to describe valid origination authorizations for more specific prefixes. By convention, an AS 0 ROA should have a maxLength value of 32 for IPv4 addresses and a maxlength value of 128 for IPv6 addresses; although, in terms of route validation, the same outcome would be achieved with any valid maxLength value, or even if the maxLength element were to be omitted from the ROA. Also by convention, an AS 0 ROA should be the only ROA issued for a given address prefix; although again, this is not a strict requirement. An AS 0 ROA may coexist with ROAs that have different subject AS values; although in such cases, the presence or lack of presence of the AS 0 ROA does not alter the route's validity state in any way. """ --- rfc8416.php | 4 ++-- roagen.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/rfc8416.php b/rfc8416.php index b03bad7..47bbc93 100755 --- a/rfc8416.php +++ b/rfc8416.php @@ -111,7 +111,7 @@ foreach ($raw_array as $sub_array) $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["asn"] = trim ($_asn[0], "AS"); $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["prefix"] = $_prefix; - $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["maxPrefixLength"] = $_maxlength; + $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["maxPrefixLength"] = ($_asn[0] != "AS0" ? $_maxlength : 128); $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["comment"] = "$web_registry_url/data/inet6num/$prefix[1]_$prefix[2]"; $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["source"] = "$_ta"; $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["mnt-by"] = "$_mnt"; @@ -212,7 +212,7 @@ foreach ($raw_array as $sub_array) $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["asn"] = trim ($_asn[0], "AS"); $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["prefix"] = $_prefix; - $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["maxPrefixLength"] = $_maxlength; + $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["maxPrefixLength"] = ($_asn[0] != "AS0" ? $_maxlength : 32); $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["comment"] = "$web_registry_url/data/inetnum/$prefix[1]_$prefix[2]"; $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["source"] = "$_ta"; $roas["locallyAddedAssertions"]["prefixAssertions"][$k]["mnt-by"] = "$_mnt"; diff --git a/roagen.php b/roagen.php index acf1b55..d818826 100755 --- a/roagen.php +++ b/roagen.php @@ -97,7 +97,7 @@ foreach ($raw_array as $sub_array) $roas["roas"][$k]["asn"] = $_asn[0]; $roas["roas"][$k]["prefix"] = $_prefix; - $roas["roas"][$k]["maxLength"] = $_maxlength; + $roas["roas"][$k]["maxLength"] = ($_asn[0] != "AS0" ? $_maxlength : 128); $roas["roas"][$k]["ta"] = $_ta; $k++; @@ -187,7 +187,7 @@ foreach ($raw_array as $sub_array) $roas["roas"][$k]["asn"] = $_asn[0]; $roas["roas"][$k]["prefix"] = $_prefix; - $roas["roas"][$k]["maxLength"] = $_maxlength; + $roas["roas"][$k]["maxLength"] = ($_asn[0] != "AS0" ? $_maxlength : 32); $roas["roas"][$k]["ta"] = $_ta; $k++;