--- On Tue, 1/13/09, Jared Mauch <jared@puck.nether.net> wrote:
No, they are both victims. If I inject a path that purports there is an edge between two networks which are engaged in a bitter dispute, (i'll use cogent & sprint as an example) - _1239_174_ that may create a situation where someone asserts that their routes are being filtered when infact no connectivity exists.
That's a theoretical possibility, but who would be the one doing the asserting? I would argue that it would either be the owner of the announced space or someone trying to reach it. In this case, nobody was trying to reach the /24 in question, and the owner was the one doing the experiment. Victimless crime, at most.
Does that mean that I hijacked their identiy and forged it? What level of trust do you place in the AS_PATH for your routing, debugging and decision making process?
AS_PATH != identity, and I would not recommend loading the latter onto the former.
Personally, I would be upset if someone injected a route with my ASN in the AS_PATH without my permission.
Why? Is this a theoretical "because it's ugly" complaint, or is there a reason why manipulating this particular BGP attribute in this particular way is so bad? Organizations do filtering and routing manipulation all over the place. Is there something worse about doing it this way than others? David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com