Showing T11: OV: ROA Range Maxlength Match - Longer Path

Owner sspies
Date created 2011-06-09 18:57:07 UTC

Test Description

This test will test the RPKI processing for a received prefix that is covered by a ROA. The match happens at the max length of the ROA range. ROA: x/16-24 with Prefix: x:/24

Detailed Description

This test uses two ASes, AS64699 and 64799 each sending out one single update. Each router will announce the prefix whereas AS64699 uses a longer path than 64799. In addition a single ROA {, AS64600} will be announced using the cache to router protocol [draft-ietf-sidr-rpki-rtr-12]. The data that contains destilled ROA information as seen above will further be called whitelist data. All data, BGP traffic as well as the whitelist data is available immediately with the beginning of the test.


  • Best Path Selection: As first tie breaker, prefer paths with the validation state valid over paths with the validation state unknown over the validation state invalid. In case the validation state is equals it is expected that the router selects the shorter path over the longer path. Cache to Router: It is expected that the implementation under test (IUT) will send a "Query Request" message within 30 seconds of the receipt of a "Notify" message.

Simulated Topology

           AS 64600
           AS 64601                                        AS 64700
               |                                        []
               |                                                |
               |                   BRITE                        |
           AS 64602              VALIDATION                 AS 64701
               |                   CACHE                        |
               |                     |                          |
           AS 64603                  |(rpki-rtr)            AS 64702
               |                     |                          |
               |                     |                          |
           AS 64699--------------AS 65500-------------------AS 64799
        [BRITE ROUTER]   (bgp)     [IUT]      (bgp)      [BRITE ROUTER]
                                 AS 64800
                             [BRITE COLLECTOR]


  • T1: AS64600 originates
  • T1: AS64700 originates
  • T1: Announce Whitelist, AS 64600


The end result of this test is that the IUT Must finally select the longer path announced by AS 64600. Due to the nature of timing it is possible that the IUT selects the shorter path announced by AS64700. This can be the case, if the processing of the whitelist entry takes longer than the BGP processing. Once the whitelist is processed it is expected that the system converges using the longer path.
The following list of Goals will show the expectations.
  • G1: receive (, AS 64600)
  • GoalSet_2:(optional)
    • G2: receive (, AS 64700)
    • G3: require G2 receive (, AS 64600)