nanog mailing list archives
Re: Deaggregating for emergency purposes
From: Chris Woodfield <rekoil () semihuman com>
Date: Wed, 7 Aug 2002 10:24:31 -0400
Truth be told, if someone was advertising your space illegitimately, any networks that use the IRR's to filter would not be accepting the rogue announcement in the first place, at least in theory. Thus, the emergency registration of more-specific route object should not be necessary, right? -C On Tue, Aug 06, 2002 at 01:29:58PM -0400, Phil Rosenthal wrote:
Most ISPs that build off of the IRR's do it nightly. I am talking about 10 /24's out of /19, and I'm not announcing any of the /24's -- and wont unless there is an emergency, and only then would it be temporary. --Phil -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Omachonu Ogali Sent: Tuesday, August 06, 2002 4:00 AM To: nanog () merit edu Subject: Re: Deaggregating for emergency purposes What about announcing and registering with your IRR, more-specific routes for the period that the problem ONLY exists, instead of being lazy? If all else fails, break out Outlook and your favorite translator, because last time I checked, speaking English was not a requirement to run a network. Even if most of you do, this is not a "Majority Rules" situation. On Mon, Aug 05, 2002 at 10:47:33PM -0700, john () chagresventures com wrote:get on the bandwaggon that filtering is a good thing ?? :) at some point some transit is going to listen and drop the announcement. Lets take an example. Deep Dark middle of asia, someone starts announcing a /24 of yours. Their upstream takes the packet, and so forth. At some point they will touch a NSP or ISP (international service provider) and you can get things dropped their.Yes. End of story. Go directly to the finish diamond at the end of your flowchart. If the next step in your flowchart is "pollute IRRs with 3592375238957235893275839572 /32s", please return your maintainer object.Your pushing out a /24 will help slurp some of the traffic towards you, but not all. Personally I have deagged some prefixes to cause a DOS/DDOS towards a particular address to route down a slow connection I had. Sacrifice one link, to keep customers running on the others. But thatsdifferent. Yes, but you removed it later on, correct?Its about networking, the people kind, at this point. cheers john brown chagres technologies, inc On Mon, Aug 05, 2002 at 09:00:55PM -0400, Phil Rosenthal wrote:But the question is, what do you do if it's coming from somewhere with a difficult to contact NOC, and their upstream is difficult to contact as well? --Phil -----Original Message----- From: John M. Brown [mailto:jmbrown () ihighway net] Sent: Monday, August 05, 2002 8:12 PM To: Phil Rosenthal Cc: nanog () merit edu Subject: Re: Deaggregating for emergency purposes Hmm, this would be a "Bad Idea" (TM) (C) 2002, DMCA Protected Having had this happen to me several different times, I'd have to recommend, calling the NOC of the advertising party. as the pref'dwayof handling it. On Mon, Aug 05, 2002 at 06:41:22PM -0400, Phil Rosenthal wrote:I am currently announcing only my aggregate routes, but I have lately thought about the possibility of someone mistakenly, ormaliciously,announcing more specifics from my space. The best solution for an emergency response to that (that I can think of), is registeringallof the /24's that make up my network, so if someone shouldannounce amore-specific, I can always announce the most specific that wouldbeaccepted (assuming they don't announce the /24's too, it should beaproblem avoided) Does anyone else have any other ideas on ways to quickly deal with someone else announcing your more specifics, since contactingtheirNOC is likely going to take a long time... --Phil-- Omachonu Ogali missnglnk () informationwave net http://www.informationwave.net
Attachment:
_bin
Description:
Current thread:
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes), (continued)
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes) Paul Vixie (Aug 07)
- Re: RFC 2870's applicability Ralph Doncaster (Aug 07)
- Re: RFC 2870's applicability Paul Vixie (Aug 07)
- Re: RFC 2870's applicability John M. Brown (Aug 08)
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes) Patrick (Aug 07)
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes) Brad Knowles (Aug 09)
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes) Stephen Sprunk (Aug 09)
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes) Randy Bush (Aug 09)
- Re: RFC 2870's applicability (Re: Deaggregating for emergency purposes) Paul Vixie (Aug 09)
- Re: Deaggregating for emergency purposes Adam Rothschild (Aug 06)
- Re: Deaggregating for emergency purposes Chris Woodfield (Aug 07)
- RE: Deaggregating for emergency purposes Derek Samford (Aug 07)
- Re: Deaggregating for emergency purposes Valdis . Kletnieks (Aug 07)
- RE: Deaggregating for emergency purposes Phil Rosenthal (Aug 07)
- Re: Deaggregating for emergency purposes Richard A Steenbergen (Aug 06)
- Re: Deaggregating for emergency purposes bmanning (Aug 06)
- Re: Deaggregating for emergency purposes bdragon (Aug 06)
- "... I don't think that means what he thinks it means..." bmanning (Aug 07)