North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: So -- what did happen to Panix?
- From: Patrick W. Gilmore
- Date: Fri Jan 27 12:01:39 2006
On Jan 27, 2006, at 11:39 AM, Joe Abley wrote:
Suggested solutions do not have to solve every possible problem.
On 27-Jan-2006, at 11:12, email@example.com wrote:
Suppose AS 9327 decides to originate 18.104.22.168/24, but prepends
4555 to the AS_PATH as it does so. Suppose 9327's uses a transit
provider which builds prefix filters from the IRR, and the "as9327"
aut-num object is modified to include policy which suggests 9327
provides transit for 4555. Suppose this is not actually the case,
though, and in fact 9327 is a rogue AS which is trying to capture
but by definition, the right-most entry is the prefix origin...
The rest of the world sees a prefix with an AS_PATH attribute which
ends with "9327 4555".
In this case, from the point of view of those trying to discern
legitimacy of advertisements, what is the origin of the prefix? Is
it 4555, or 9327?
Is it possible to tell, from just the right-most entry in the
Knowing the "correct" origin will stop accidental announcements, like
the one under discussion in this thread.
And, I suspect, most problems we see today of this sort. We are not
(yet) to the point where maliciously originated prefixes are as big a
problem as accidentally originated prefixes.