In message <CANQy6Fb2cv+bdtaz7LVx0G_D0FbxJYqSr=ki5Hfm_9QOum1cnw@mail.gmail.com> , Paul Ferguson writes:
On Wed, Aug 7, 2013 at 1:58 AM, Saku Ytti <saku@ytti.fi> wrote:
On (2013-08-07 11:20 +0300), Martin T wrote:
on Internet? Has there been such situations in history? Isn't there a method against such hijacking? Or have I misunderstood something and this isn't possible?
Certainly practical scenario, but in many cases not needed at all. In most cases upstream does not do any automatic prefix filter generation, it's maybe somewhat popular in mid-sized european shops but generally not too common.
There is active on-going work to secure BGP and you may want to read up on 'RPKI' which is further along that track.
I hope it has better adoption than BCP38/BCP84. :-)
SIDR should help with BCP38/BCP84 as it allows correct filters to be securely built. Mark
- ferg
-- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org