Option to not generate an origin hijack alert if the prefix has a valid ROA #595

Open
racompton opened this issue Apr 7, 2021 · 2 comments

@racompton

It would be nice if in the config there was an option to not generate origin hijack alerts if Artemis sees a valid ROA for the prefix which has been sent by the validator.

@vkotronis
Member

The logic of the hijack alerting is the following: "if there is a mismatch between the config file and the incoming BGP updates from external or other sources, then declare alert". We accompany such alerts with the ROA validation status; however, ROAs and alerts are complementary since the Source of Truth is always the config file info. In this feature request, you refer to automatically adding the RPKI ROA truth info to the config file so that no origin alerts are triggered if ROAs cover them, is that correct? Or checking also the ROA before triggering the alert, and if valid, do not trigger at all but silently continue?
In the end it comes down to auto-integrating RPKI information into the ARTEMIS ground truth, and keeping it up-to-date, right?

@racompton
Author

I'm thinking more checking the ROA before triggering the alert and if valid, do not trigger at all but silently continue. Perhaps create a new tag for the alerts such as "RPKI valid" and apply this tag instead of "Ongoing".
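
The check discussed in this thread, as an added example that is not ARTEMIS code and was not written by either participant: RFC 6811 origin validation is run only after the config-file mismatch is found, and a valid result suppresses the alert. The option name `suppress_if_roa_valid`, the function names, and the sample prefixes and ASNs are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation prefix, private-use ASNs); not ARTEMIS data.
CONFIG = {"192.0.2.0/24": {64500}}        # operator ground truth: prefix -> allowed origin ASNs
ROAS = [("192.0.2.0/24", 24, 64500),      # (prefix, maxLength, origin ASN) as a validator
        ("192.0.2.0/24", 24, 64501)]      # would report them

def covers(outer, inner):
    """True if network `outer` contains network `inner` (same address family)."""
    return outer.version == inner.version and inner.subnet_of(outer)

def rpki_status(prefix, origin_as, roas):
    """RFC 6811 route origin validation: 'valid', 'invalid' or 'not-found'."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, asn in roas:
        if not covers(ipaddress.ip_network(roa_prefix), net):
            continue
        covered = True
        if asn == origin_as and net.prefixlen <= max_len:
            return "valid"
    # A covering ROA exists but none matched origin and length -> invalid.
    return "invalid" if covered else "not-found"

def classify_update(prefix, origin_as, config, roas, suppress_if_roa_valid=False):
    """Return (raise_alert, tag, rpki) for one announcement.

    `suppress_if_roa_valid` is a hypothetical option name for the behaviour
    requested in this issue; with it off, the config alone decides.
    """
    net = ipaddress.ip_network(prefix)
    allowed, monitored = set(), False
    for cfg_prefix, origins in config.items():
        if covers(ipaddress.ip_network(cfg_prefix), net):
            monitored = True
            allowed |= origins
    if not monitored or origin_as in allowed:
        return (False, None, None)          # not ours, or matches ground truth
    rpki = rpki_status(prefix, origin_as, roas)
    if suppress_if_roa_valid and rpki == "valid":
        return (False, "RPKI valid", rpki)  # continue silently, keep a tag for audit
    return (True, "Ongoing", rpki)          # origin mismatch against the config
```

Only a `valid` result suppresses the alert; `invalid` and `not-found` still raise it, so the config file stays the deciding source whenever RPKI gives no positive answer.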
