Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Routing Protocols

  • TCP-AO for RPKI validation sessions (MX204, MX240, MX480, MX960, MX10003, MX10008, MX10016, MX2008, MX2010, MX2020, PTX1000, PTX10002, PTX10008, PTX10016, and vRR) )—Starting in Junos OS Release 22.2R1, you can use TCP Authentication Option (TCP-AO) to authenticate resource public key infrastructure (RPKI) validation sessions for securing the Internet's routing infrastructure, such as BGP. Using RPKI, legitimate holders of Internet number resources can control the operation of Internet routing protocols to prevent route hijacking and other attacks.

    To enable a TCP-AO chain to authenticate an RPKI validation session, use authentication-algorithm ao and the configured authentication-key-chain keychain at the [edit routing-options validation group group_name session address and [edit routing-options validation group group_name hierarchy levels.

    See [TCP Authentication Option (TCP-AO).]