Re: someone is using my AS number

[Job Snijders <job () instituut net>]

On Sat, Jun 15, 2019 at 05:32:21AM -0700, Owen DeLong wrote:
> > What is the principal harm of doing this? Honest question. I'm not advocating for anything, just curious.
> >
> > Excellent question.
> >
> > 1/ We can’t really expect on the loop detection to work that way at
> > the “jacked” side. So if this is innocent traffic engineering, it is
> > unreliable at best.
>
> Why not? 

There is no signal from the remote ASN (the one that receive the route
announcement) to the Originator ASN about the remote ASN's loop
detection policies. Therefor, since you can't know what the remote side
will do ahead of time. The only recourse left at that point is active
probing (trial & error). Trial and error, where the 'error' state may be
an hard outage, means that the method is unreliable.

> Since this TE method is unlikely to be used to control propagation
> to/through a stub ASN, it ought to be pretty reliable for the intended
> purpose.

To all other people - AS_PATH poisoning, as a method to perform traffic
engineering, is *not* reliable and can lead to hard outages.

Regards,

Job