On Thu, 30 Aug 2012, Anurag Bhatia wrote:
I tried looking on net but couldn't found direct answer, so thought to ask here for some advise.
Is using /24 a must to protect (a bit) against route hijacking? We all remember case of YouTube 2008 and hijacking in Pakistan. At that time YouTube was using /22 and thus /24 (more specific) announcement took almost all of Google's traffic even when AS path was long. So Google's direct also likely sent packets to Pakistan. Later Google too used /24 (and I guess /25 too to effect some region of internet). Similar case I remember for issue reported between Altus and hijacking by someone connected to Cleaveland exchange when ISP was using /23 and spammer used /24.
So can we conclude that one should always use /24 to make sure that they loose as little as possible traffic during prefix hijacking?
As an exercise, grab a copy of the global routing table, convert all shorter than /24 networks into /24s and tell us, how big is your hijack-resistant global table now? How many networks will be unable to handle it because it overflows their routers route table capacity? In short, no...you/everyone should not announce all their space as /24s just in case someone tries to or accidentally hijacks some of their space. Your solution does not scale. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________