nanog mailing list archives
Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
From: Geoff Huston <gih () apnic net>
Date: Tue, 24 May 2022 20:00:36 +0000
On 25 May 2022, at 5:45 am, Jakob Heitz (jheitz) via NANOG <nanog () nanog org> wrote: This attack will work very well until the victim starts advertising its prefix. The victim may not notice the fake advertisement because the fake advertisement will not reach the victim AS due to AS-path loop checking.
Often the best forms of attack are ones that are scoped in locality. Advertising the same prefix from a different location in BGP may create a localised preference to follow the synthesised route which is not visible everywhere. Sometimes this is exactly what the attacker wants to achieve. Geoff
Current thread:
- RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s), (continued)
- RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 13)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Mark Tinka (May 13)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Saku Ytti (May 14)
- RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 15)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Hank Nussbacher (May 14)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Nick Hilliard (May 14)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Max Tulyev (May 24)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Saku Ytti (May 24)
- RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Jakob Heitz (jheitz) via NANOG (May 13)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Randy Bush (May 14)
- Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) Geoff Huston (May 24)