Quick update from BGPmon: We've detected 415,652 prefixes being hijacked by Indosat today. 8,233 of those were seen by more than 10 of our BGP collectors. When receiving a BGPmon alerts, one of the metrics to look at that will help with determining the scope and impact is the 'Detected by #peers' value. Many of the alerts where only seen by one or two peers in Thailand. This indicates that communications for those prefixes would likely have been affected for some in Thailand. 8,233 of the hijacked prefixes were seen by more than 10 of our peers. For those the impact would have been more severe. Since we're on Nanog, here's al list of US based networks affected by Indosat hijack that were seen by more than 10 unique ASns: http://portal.bgpmon.net/data/indosat-us.txt it includes apple, telia, ntt, level3, comcast, cableone, akamai, Joyent Same for Canadian prefixes (keep in mind there were more hijacked prefixes, this is just the list for which the hijack was seen by more than 10 of our peers) http://portal.bgpmon.net/data/indosat-ca.txt Cheers, Andree .-- My secret spy satellite informs me that at 2014-04-02 2:20 PM Laszlo Hanyecz wrote:
They're just leaking every route right? Is it possible to poison the AS paths you announce with their own AS to get them to let go of your prefixes until it's fixed? Would that work, or some other trick that can be done without their cooperation?
Thanks, Laszlo