HE doesn't provide any community based TE and I would say they're a pretty major network. Filip On 14 June 2019 2:17:43 am GMT+02:00, Joe Provo <nanog-post@rsuc.gweep.net> wrote:
On Thu, Jun 13, 2019 at 09:58:20AM -0400, Joe Abley wrote:
Hey Joe,
On 12 Jun 2019, at 12:37, Joe Provo <nanog-post@rsuc.gweep.net> wrote:
On Wed, Jun 12, 2019 at 04:10:00PM +0000, David Guo via NANOG wrote:
Send abuse complaint to the upstreams
...and then name & shame publicly. AS-path forgery "for TE" was never a good idea. Sharing the affected prefix[es]/path[s] would be good.
I realise lots of people dislike AS_PATH stuffing with other peoples' AS numbers and treat it as a form of hijacking.
However, there's an argument that AS_PATH is really just a loop-avoidance mechanism, not some kind of AS-granular traceroute for prefix propagation. In that sense, stuffing 9327 into a prefix as a mechanism to stop that prefix being accepted by AS 9327 seems almost reasonable. (I assume this is the kind of TE you are talking about.)
What is the principal harm of doing this? Honest question. I'm not advocating for anything, just curious.
There is no way at a distance to tell the difference between: - legitimate AS forwarding - ham-fistedly attempting "innocent" TE away from the forged AS - maliciously hiding traffic from the forged AS - an error with the forged AS
IME, when you can NOT look like an error or an attack, that's a Good Thing.
The last "major" provider who failed to provide BGP community-based TE was 3549, and with their absorbtion into 3356 no one should have any tolerance for this garbage, IMNSHO.
Cheers,
joe
-- Posted from my personal account - see X-Disclaimer header. Joe Provo / Gweep / Earthling
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.