The goal of Origin Validation is to reduce the negative impact of routes with incorrect origins caused by misconfigured routers or intentional hijacks.
Origin Validation has been in use on the Internet since January of 2011 and continued adoption is ongoing. Large Tier-1 networks NTT, AT&T, Cloudflare, Telia Carrier, and others have already deployed it.
This NCE shows the purpose and configuration for Origin Validation. It also shows the basic operation with the Junos OS router CLI commands used to verify its operation.
This document forms a starting point for anyone implementing Origin Validation. When setting up Origin Validation in a production environment, we recommend you to define the local policy on how to treat each validation state and then define the BGP import policy to match.
Refer to Juniper Network’s technical documentation on the Junos OS routing policies for more information.
See the Day One book Deploying BGP Routing Security