prefix origin-validation enable (BGP view)

Function

The prefix origin-validation enable command enables BGP origin AS validation.

The undo prefix origin-validation enable command disables BGP origin AS validation.

By default, BGP origin AS validation is disabled.

Format

prefix origin-validation enable

undo prefix origin-validation enable

Parameters

None

Views

BGP view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
bgp write

Usage Guidelines

Usage Scenario

After an RPKI session is established between a router and an RPKI server, you can run the prefix origin-validation enable command to enable BGP origin AS validation. After BGP origin AS validation is enabled, the router periodically queries Route Origin Authorizations (ROAs) from the RPKI server and matches the origin AS of each received BGP route against the ROAs. The validation result can be Valid, Not Found, or Invalid.

The BGP origin AS validation result can be applied to route selection and advertised to BGP peers.

Example

# Enable BGP origin AS validation.
<HUAWEI> system-view
[~HUAWEI] bgp 100
[*HUAWEI-bgp] prefix origin-validation enable
Parent Topic: BGP Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >