nanog mailing list archives
Re: BGP route hijack by AS10990
From: Nick Hilliard <nick () foobar org>
Date: Sat, 1 Aug 2020 15:44:15 +0100
Mark Tinka wrote on 01/08/2020 12:20:
The difference between us and aviation is that fundamental flaws or mistakes that impact safety are required to be fixed and checked if you want to keep operating in the industry. We don't have that, so...
... so once again, route optimisers were at the heart of another serious route leaking incident.
BGP is designed to prevent loops from happening, and has tools like no-export to help prevent inadvertent leaks.
When people build "BGP optimisers" which reinject a prefix into a routing mesh with the entire as-path stripped and then they refuse to apply the basic minimum of common sense by refusing point blank to tag prefixes with no-export, it's a matter of certainty that leaks are going to happen, and that when they do, they'll cause damage.
It's about as responsible as shipping a shotgun with the safety disabled and then handing it to a newbie. After all, the safety makes it more difficult to operate and if the newbie shoots themselves, it was their fault. And if they shot someone else, they shouldn't have got in the way, right?
Nick
Current thread:
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990), (continued)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Mark Tinka (Aug 02)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Ross Tajvar (Aug 02)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Mark Tinka (Aug 02)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Ross Tajvar (Aug 02)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Mark Tinka (Aug 02)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Mark Tinka (Aug 02)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Tom Beecher (Aug 03)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Job Snijders (Aug 03)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Mike Hammett (Aug 01)
- Re: Issue with Noction IRP default setting (Was: BGP route hijack by AS10990) Mark Tinka (Aug 02)
- Re: BGP route hijack by AS10990 Mark Tinka (Aug 01)
- Re: BGP route hijack by AS10990 Mark Tinka (Aug 01)
- Re: BGP route hijack by AS10990 Owen DeLong (Aug 01)
- Re: BGP route hijack by AS10990 Mark Tinka (Aug 01)
- Re: BGP route hijack by AS10990 Owen DeLong (Aug 01)
- Re: BGP route hijack by AS10990 Mark Tinka (Aug 01)