nanog mailing list archives
Re: IPv4 and IPv6 hijacking by AS 6
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Sat, 14 Apr 2018 01:13:40 +0100
On Fri, Apr 13, 2018 at 10:35 PM, Randy Bush <randy () psg com> wrote:
I believe we've seen bogus low AS number announcements a few times before, and they've usually been caused by attemts to configure AS path prepending without understanding and/or reading the docs. Someone might have wrongly assumed that set as-path prepend 133711 133711 could be written shorter like set as-path prepend 133711 2 and there you go...for someone else's prefix?
Perhaps their policy is something like: "prepend all of transit-provider-1 prefixes by 2, their links are crappy today" followed by output policy: "permit all of my prefixes (matched by as-path-regex) and my customer prefixes (matched by community)" there's probably a bunch of ways this can go sideways, that's just one simple (and seen before) example.
Current thread:
- Re: IPv4 and IPv6 hijacking by AS 6, (continued)
- Re: IPv4 and IPv6 hijacking by AS 6 Loganaden Velvindron (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 lists (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 Matt Harris (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 Job Snijders (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 Anurag Bhatia (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 Bjørn Mork (Apr 13)
- Re: IPv4 and IPv6 hijacking by AS 6 David Hubbard (Apr 13)
- Re: IPv4 and IPv6 hijacking by AS 6 Jason S. Cash (Apr 13)
- Re: IPv4 and IPv6 hijacking by AS 6 Job Snijders (Apr 13)
- Re: IPv4 and IPv6 hijacking by AS 6 Randy Bush (Apr 13)
- Re: IPv4 and IPv6 hijacking by AS 6 Christopher Morrow (Apr 13)
- Re: IPv4 and IPv6 hijacking by AS 6 Bjørn Mork (Apr 14)
- Re: IPv4 and IPv6 hijacking by AS 6 Matt Harris (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 Vincent Bernat (Apr 12)
- Re: IPv4 and IPv6 hijacking by AS 6 Theodore Baschak (Apr 13)