North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: a fun hijack: 1/8, 2/8, 3/8, 4/8, 5/8, 7/8, 8/8, 12/8 brieflyannounced by AS 23520 (today)
- From: Jeroen Massar
- Date: Thu Jun 08 05:06:24 2006
On Wed, 2006-06-07 at 11:01 -0700, Josh Karlin wrote:
> Check out the IAR for "Potential Prefix Hijacks" and if you're coming
> to this more than 24 hours after the post, do a search on AS 23520 as
> the hijacking AS.
> I don't know how long the routes were announced, but they seem to be
> gone now. Or maybe the IAR is horribly broken, in which case I will
> be lynched :)
You are the broken part, due to the mere simple fact that you accept
those routes. That your uplinks are accepting them also means that you
are not paying them enough so that they don't accept them either.
But in ARIN land you have an excuse, more or less, as there is not a
real 'good' routing database. In RIPE land we at least have route+route6
objects in the RIPE database where one can filter on, but that is only
for RIPE. A sane and complete routing information database would already
considerably help here. RADB is nice but does not help much to make the
info complete. Also anybody can then still announce the prefix with the
correct source ASN and other nasty tricks.
In the end, the complete solution to most of these issues will be in the
form of S-BGP (http://www.ir.bbn.com/sbgp/) and similar solutions.
And the IETF is fortunately working on this:
It might take some time still, but it will come one day and then these
issues are gone.
At the moment you'll just have to trust your peers and try to get them
to implement a sane policy on what kind of announcements they accept or
Description: This is a digitally signed message part