Re: BGP route hijack by AS10990

[Nick Hilliard <nick () foobar org>]

Sabri Berisha wrote on 01/08/2020 20:59:
> My point is that there can be operational reasons to do so, and whatever
> they wish to do on their network is perfectly fine. As long as they don't
> bother the rest of the world with it.

I get what you're saying, and am a big fan of personal responsibility, 
but when a vendor ships a product like a BGP optimiser, it requires that 
you run your network with the safety controls removed.

It's no different in principle to shipping guns with the safety welded 
to off, or hot-wiring 20kW cables to bypass your RCDs.  It can produce 
some great results, no doubt about it, but sooner or later you're 
guaranteed that there's going to be a nasty accident.

In any individual case, it's understandable to assign blame to an 
operator for messing up their configs. In the general case, shipping 
products with dangerous-by-default configurations is going lead to more 
accidents happening.

At this point, a large proportion of the major routing leaks on the 
internet can be associated with bgp optimisers and Noction's name 
appears with disturbing regularity.  This is an appalling record, not 
least because it's almost entirely preventable.

Nick