Re: Telstra Hijack

["Sadiq Saif" <lists () sadiqsaif com>]

On Tue, 29 Sep 2020, at 16:36, Ross Tajvar wrote:
> I'm surprised no one else has mentioned this yet, but Telstra is 
> hijacking a lot of prefixes:
>
> https://rpki.cloudflare.com/?view=bgp&prefix=&asn=1221&validState=Invalid 
>
> Since we don't have RPKI filtering in our network (yet), we are 
> currently filtering everything with the path ".* 4637 1221$". 
>
> This is of course taking a while...

My employer's prefixes were affected, I posted about it on the AusNOG list so I could get some assistance. It has 
cleared up now but it took about two hours or so.

I saw AS paths like this from HE's looking glass:
6461x4, 4637x11, 1221

I would love to know what the root cause of the leak was.

-- 
  Sadiq Saif