Re: Cogent leaking /32s?

[Michael Hallgren <m.hallgren () free fr>]

Le vendredi 02 octobre 2009 à 11:01 -0500, Alex H. Ryu a écrit :
> If there is DDoS attack going on from/to specific /32, sometimes they do
> that to avoid too much overload for the network.
> Cogent should give the answer for what's going on.

Generally, such is kept in-AS (null-routing or routing to some other
sink of choice).

mh

> Alex
>
> Zak Thompson wrote:
> > We had a problem with cogent about a year ago.  Somehow.. cymru was
> > announcing a /32 of ours and black holing it for whatever reason.  It
> > was removed but wasn't happy that cogent was allowing cymru to do this
> > sort of action.  To this date we do not have a valid reason from cogent
> > on why they allowed this to happen.
> >
> > Cheers,
> > Zak Thompson
> >
> >
> >
> > -----Original Message-----
> > From: ML [mailto:ml () kenweb org] 
> > Sent: Friday, October 02, 2009 7:23 AM
> > To: nanog () nanog org
> > Subject: Cogent leaking /32s?
> >
> > I received an alert from Cyclops telling me a probe in AS513 had seen a 
> > /32 that I announce to Cogent for one of our BGP sessions.
> >
> > Did anyone else see this?
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >   
-- 
michael hallgren, mh2198-ripe

Attachment: signature.asc
Description: Ceci est une partie de message numériquement signée