On 17/07/15 11:00 am, Dave Mill wrote:

Hi all

Hi Dave,

NZNOG, and especially Michael Fincham and Tim Hoffman, had done a big push both at our conferences and on this list to get people using RPKI route validation.

We were a test customer using the NZRS service at http://validator.rpki.net.nz/rtr-sessions .

Yes we noticed you stopped using the validator, hopefully you will be back soon :)

Someone with an observant eye may have noticed that we silently stopped using this validator a few weeks ago.

We hit a 'minor' issue where Junos would restart _all_ routing daemons and produce a core dump when running a session to a RPKI validator. It affects 12.3R9 12.3X48-D10 13.3R4 14.1R3 14.2R1 15.1R1 and happens on J-series, M-series, T-series, MX-series, EX Series, SRX Series.

PR for those with a Juniper login - https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1010216

Upgrade to a recent release of your choosing to fix.

Just figured I'd share for anyone else who is doing RPKI validation on one of these releases. For now we've stopped doing RPKI validation until we can arrange an upgrade of the routers involved.

Picking up on this, the RPKI validator is an open free service for all those who don't want to setup their own validator. It's a service provided to the community, at the same level as ntp.net.nz and pgp.net.nz, use it with confidence. The RPKI validator uses RIPE NCC software, so it's intended to be robust. It uses the RTR protocol to receive requests from routers. There is no signup process required, just point your routers to validator.rpki.net.nz port 8282. If there is need for enabling TCP-AO or SSH transport, let us know. If you have any questions, don't hesitate to contact any of NZRS staff Cheers,

Cheers Dave

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

-- Sebastian Castro Technical Research Manager NZRS Ltd. desk: +64 4 495 2337 mobile: +64 21 400535