Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: So -- what did happen to Panix?

  • From: Patrick W. Gilmore
  • Date: Fri Jan 27 12:01:39 2006

On Jan 27, 2006, at 11:39 AM, Joe Abley wrote:

On 27-Jan-2006, at 11:12, bmanning@vacation.karoshi.com wrote:

	but by definition, the right-most entry is the prefix origin...
Suppose AS 9327 decides to originate 198.32.6.0/24, but prepends 4555 to the AS_PATH as it does so. Suppose 9327's uses a transit provider which builds prefix filters from the IRR, and the "as9327" aut-num object is modified to include policy which suggests 9327 provides transit for 4555. Suppose this is not actually the case, though, and in fact 9327 is a rogue AS which is trying to capture 4555's traffic.

The rest of the world sees a prefix with an AS_PATH attribute which ends with "9327 4555".

In this case, from the point of view of those trying to discern legitimacy of advertisements, what is the origin of the prefix? Is it 4555, or 9327?

Is it possible to tell, from just the right-most entry in the AS_PATH attribute?
Suggested solutions do not have to solve every possible problem.

Knowing the "correct" origin will stop accidental announcements, like the one under discussion in this thread.

And, I suspect, most problems we see today of this sort. We are not (yet) to the point where maliciously originated prefixes are as big a problem as accidentally originated prefixes.

--
TTFN,
patrick




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.