nanog mailing list archives

Re: BGP route hijack by AS10990


From: Mark Tinka <mark.tinka () seacom com>
Date: Fri, 31 Jul 2020 16:43:49 +0200



On 31/Jul/20 16:29, Mike Hammett wrote:
> They solve a need that isn't reasonably solved any other way that
> doesn't have similar drawbacks.
>
> Some optimizers need to be redesigned to be safer by default.
>
> Some networks need to be safer by default as well.

Almost every product ever made does solve a need. You will find at least
one customer who is happy with what they paid their money for.

But BGP-4 is vulnerable enough as it is, and the Internet has moved on
in leaps and bounds since 1994 (RFC 1654).

Until we see BGP-5, we need to look after our community. And if that
means holding the BGP optimizers to a higher standard, so be it.

As they say, "You can't blame a monkey for botching a brain surgery".

Plenty of industries strongly "guide" (I'll avoid "regulate") their
actors to ensure standards and results (medicine, aviation, energy,
construction, etc.). If the acceptance bar to a BGP actor is an
optional CCNA or JNCIA certification, we shall learn the hard way, as we
did with this and similar incidents.

Mark.
