![nanog logo](/images/nanog-logo.png)
nanog mailing list archives
Re: Anyone notice strange announcements for 174.128.31.0/24
From: Jared Mauch <jared () puck nether net>
Date: Tue, 13 Jan 2009 13:24:05 -0500
On Tue, Jan 13, 2009 at 08:53:42AM -0800, David Barak wrote:
--- On Tue, 1/13/09, Jared Mauch <jared () puck nether net> wrote:Does that mean that I hijacked their identiy and forged it? What level of trust do you place in the AS_PATH for your routing, debugging and decision making process?AS_PATH != identity, and I would not recommend loading the latter onto the former.
But it does represent an interesting thing. Many people treat AS_PATH as identiy, when infact it's not congruent.
Personally, I would be upset if someone injected a route with my ASN in the AS_PATH without my permission.Why? Is this a theoretical "because it's ugly" complaint, or is there a reason why manipulating this particular BGP attribute in this particular way is so bad? Organizations do filtering and routing manipulation all over the place. Is there something worse about doing it this way than others?
This is not "because it's ugly", but more complex to understand the interaction. People have asserted that injecting an as-path with 2914 will utilize the loop-detection mechanisim to prevent reachability if your transit is from 1239 or 174. Except that 174 filters out these asns from their customers. I've noticed zero complaints since my 'detecting routing leaks by counting' system was presented at nanog that were not actual leaks when too many SFI (tier-1?) asns showed up in a path. While most of the challenge could be uneducated readers of an as-path, without the protocol being changed, it really depends on the elements in the path being genuine. Without this trust, we should all configure our routers to allow our own as in, or work to make it the new default, and ask providers to change their filtering of other SFI asns from their customer as-paths. - jared -- Jared Mauch | pgp key available via finger from jared () puck nether net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Current thread:
- Re: Anyone notice strange announcements for 174.128.31.0/24, (continued)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Andy Davidson (Jan 15)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Patrick W. Gilmore (Jan 15)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Nathan Malynn (Jan 15)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Jack Bates (Jan 14)
- Re: Anyone notice strange announcements for 174.128.31.0/24 John Payne (Jan 14)
- RE: Anyone notice strange announcements for 174.128.31.0/24 Michienne Dixon (Jan 14)
- Re: Anyone notice strange announcements for 174.128.31.0/24 kris foster (Jan 14)
- Re: Anyone notice strange announcements for 174.128.31.0/24 John Payne (Jan 15)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Adrian Chadd (Jan 13)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Patrick W. Gilmore (Jan 13)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Jared Mauch (Jan 13)
- Re: Anyone notice strange announcements for 174.128.31.0/24 Chris Adams (Jan 13)