On Fri, Sep 09, 2005 at 11:25:25AM -0400, Richard A Steenbergen wrote:
Looks like 12956 is announcing some /8s to every peer and transit. Worse still, Sprint and GX are propagating it. This is not the first time that Telefonica has leaked a lot of garbage routes with serious network impact as a result (nor is it the second or third, actually).
12.0.0.0/8 64.0.0.0/8 65.0.0.0/8
I'd say both GX and Sprint have a lot to answer for right about now.
Minor apologies to GX, it looks like Telefonica isn't a customer any more, just a direct peer. I'm still annoyed from the last outage caused when Telefonica leaked routes to GX as a transit customer. Sprint on the other hand propagated this as full transit. I'm glad to see no one has learned from AS7007. :) As for how to prevent this from happening again... I know many people who aren't able to implement full peer filtering are at least enforcing simple as-path checks on the largest ASNs (making sure that customers and peers don't reannounce paths which have 7018 in them, for example), but it doesn't look like anyone is trying to filter things on a largest prefix basis. When AS26210 decides to start originating the prefixes themselves instead of just leaking it from 7018, boom. -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)