nanog mailing list archives
RE: Hijacked Network Ranges - paging Cogent and GBLX/L3
From: "Schiller, Heather A" <heather.schiller () verizon com>
Date: Tue, 31 Jan 2012 15:05:24 -0500
Sorry -- was looking at the wrong thing. Doh! --heather -----Original Message----- From: Schiller, Heather A Sent: Tuesday, January 31, 2012 3:05 PM To: 'Keegan Holley' Cc: Kelvin Williams; nanog () nanog org Subject: RE: Hijacked Network Ranges - paging Cogent and GBLX/L3 Looks fixed now.. --heather -----Original Message----- From: Keegan Holley [mailto:keegan.holley () sungard com] Sent: Tuesday, January 31, 2012 2:50 PM To: Schiller, Heather A Cc: Kelvin Williams; nanog () nanog org Subject: Re: Hijacked Network Ranges - paging Cogent and GBLX/L3 To be honest I haven't had much success it convincing a tier 1 to modify someone else's routes on my behalf for whatever reason. I also have had limited success in getting them to do anything quickly. I'd first look to modify your advertisements as much as possible to mitigate the issue and then work with the other guys upstreams second. 2012/1/31 Schiller, Heather A <heather.schiller () verizon com>:
Or roll it up hill: 33611 looks like they get transit from 19181, who's only upstream appears to be 12189. 12189 gets connectivity from 174 and 3549. 174 = Cogent 3549 = GBLX/L3 --Heather -----Original Message----- From: Kelvin Williams [mailto:kwilliams () altuscgi com] Sent: Tuesday, January 31, 2012 1:01 PM To: nanog () nanog org Subject: Hijacked Network Ranges Greetings all. We've been in a 12+ hour ordeal requesting that AS19181 (Cavecreek Internet Exchange) immediately filter out network blocks that are being advertised by ASAS33611 (SBJ Media, LLC) who provided to them a forged LOA. The routes for networks: 208.110.48.0/20, 63.246.112.0/20, and 68.66.112.0/20 are registered in various IRRs all as having an origin AS 11325 (ours), and are directly allocated to us. The malicious hijacking is being announced as /24s therefore making route selection pick them. Our customers and services have been impaired. Does anyone have any contacts for anyone at Cavecreek that would actually take a look at ARINs WHOIS, and IRRs so the networks can be restored and our services back in operation? Additionally, does anyone have any suggestion for mitigating in the interim? Since we can't announce as /25s and IRRs are apparently a pipe dream. -- Kelvin Williams Sr. Service Delivery Engineer Broadband & Carrier Services Altus Communications Group, Inc. "If you only have a hammer, you tend to see every problem as a nail." -- Abraham Maslow
Current thread:
- Re: Hijacked Network Ranges, (continued)
- Re: Hijacked Network Ranges Anurag Bhatia (Jan 31)
- Re: Hijacked Network Ranges Jonathan Lassoff (Jan 31)
- Re: Hijacked Network Ranges Keegan Holley (Jan 31)
- Re: Hijacked Network Ranges Jonathan Lassoff (Jan 31)
- RE: Hijacked Network Ranges Chuck Church (Jan 31)
- Re: Hijacked Network Ranges Kelvin Williams (Jan 31)
- Re: Hijacked Network Ranges Ricky Beam (Jan 31)
- RE: Hijacked Network Ranges - paging Cogent and GBLX/L3 Schiller, Heather A (Jan 31)
- Re: Hijacked Network Ranges - paging Cogent and GBLX/L3 Keegan Holley (Jan 31)
- RE: Hijacked Network Ranges - paging Cogent and GBLX/L3 Schiller, Heather A (Jan 31)
- RE: Hijacked Network Ranges - paging Cogent and GBLX/L3 Schiller, Heather A (Jan 31)
- RE: Hijacked Network Ranges - paging Cogent and GBLX/L3 Ido Szargel (Jan 31)
- RE: Hijacked Network Ranges - paging Cogent and GBLX/L3 Eric Tykwinski (Jan 31)
- Re: Hijacked Network Ranges - paging Cogent and GBLX/L3 Keegan Holley (Jan 31)
- Re: Hijacked Network Ranges Andrew Fried (Jan 31)
- Re: Hijacked Network Ranges John Schneider (Jan 31)
- Re: Hijacked Network Ranges John Schneider (Jan 31)
- RE: Hijacked Network Ranges George Bonser (Jan 31)