nanog mailing list archives
Re: "Defensive" BGP hijacking?
From: Jean-Francois Mezei <jfmezei_nanog () vaxination ca>
Date: Mon, 12 Sep 2016 14:07:47 -0400
On 2016-09-11 16:54, Hugo Slabbert wrote:
Hopefully this is operational enough, though obviously leaning more towards the policy side of things: What does nanog think about a DDoS scrubber hijacking a network "for defensive purposes"?
Different spin but still "highjacking": Many moons ago, iStop, a small ISP in Canada saw its services from Bell Canada (access to last mile) cut. However, its core network and transit was still functional for a number of months. ISP2 quickly offered to rescue the stranded customers. Once registred with ISP2, a customer would see the DSL signal re-instated by Bell (now paid by ISP2) but would continue to be handed IPs that belonged to iStop. ISP2 made use of the continuing transit capacity from the iStop router which therefore continued to make BGP announcements for the iStop IP blocks (and the iStop router then just sent everythingt o ISP2's router for distribution to end users). During this time, the iStop IP blocks continued to belong to iStop from ARIn's point of view. Eventually the transit to the iStop router stopped. That day, former iStop customers now on ISP2 saw their access to internet essentially killed. At that point, the iStop IP blocks still had not been transfered to ISP2. To save the day, ISP3 kicked in and started to make BGP annoucements for iStop IPs and redirected the traffic to ISP2. At that point, ISP3 hijacked iStop's IPs, but it was done to help the situation, not to steal traffic or anything. (In fact, I think the GBP announcements from ISP3 pointed to ISP2 routers). Eventually, the iStop IP blocks was transfered to ISP2 which was then legally able to do the BGP announcements for those IPs. So there are some cases where BGP hijacking may be desirable. I guess this is where judgement kicks in.
Current thread:
- Re: "Defensive" BGP hijacking?, (continued)
- Re: "Defensive" BGP hijacking? FHR (Sep 11)
- Re: "Defensive" BGP hijacking? Ca By (Sep 11)
- Re: "Defensive" BGP hijacking? Blake Hudson (Sep 12)
- Re: "Defensive" BGP hijacking? Ryan, Spencer (Sep 12)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 12)
- Re: "Defensive" BGP hijacking? Florian Weimer (Sep 12)
- Re: "Defensive" BGP hijacking? Jared Mauch (Sep 12)
- Re: "Defensive" BGP hijacking? Ryan, Spencer (Sep 12)
- Re: "Defensive" BGP hijacking? Paras Jha (Sep 12)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 12)
- Re: "Defensive" BGP hijacking? Hugo Slabbert (Sep 12)
- Re: "Defensive" BGP hijacking? Jean-Francois Mezei (Sep 12)
- Re: "Defensive" BGP hijacking? Valdis . Kletnieks (Sep 12)
- Re: "Defensive" BGP hijacking? Jean-Francois Mezei (Sep 12)
- Re: "Defensive" BGP hijacking? Blake Hudson (Sep 12)
- Re: "Defensive" BGP hijacking? John Curran (Sep 12)
- Re: "Defensive" BGP hijacking? Mel Beckman (Sep 12)