Let say ASN1 advertises prefix 2.0.0.0/24 and they pass RPKI check. If there is an old or malicious IRRDB entry for 2.0.0.0/24 to ASN2 which also gets advertised to the route server(passing irrdb check but not rpki), is there anything to make sure that the RPKI validated prefix will have higher preference?
When I look at the bird config I don't see a protection for that situation.
Is it worth it to set a higher than default local preference which will protect an RPKI verified prefix vs a potential hijack attempt on the route server bgp table?
Let say ASN1 advertises prefix 2.0.0.0/24 and they pass RPKI check. If there is an old or malicious IRRDB entry for 2.0.0.0/24 to ASN2 which also gets advertised to the route server(passing irrdb check but not rpki), is there anything to make sure that the RPKI validated prefix will have higher preference?
When I look at the bird config I don't see a protection for that situation.
Is it worth it to set a higher than default local preference which will protect an RPKI verified prefix vs a potential hijack attempt on the route server bgp table?