On Fri, 13 Apr 2018, Bjørn Mork wrote:
Date: Fri, 13 Apr 2018 10:13:47 +0200 From: Bjørn Mork <bjorn@mork.no> To: Anurag Bhatia <me@anuragbhatia.com> Cc: North American Network Operators' Group <nanog@nanog.org> Subject: Re: IPv4 and IPv6 hijacking by AS 6
Anurag Bhatia <me@anuragbhatia.com> writes:
Similar for AS2.
I believe we've seen bogus low AS number announcements a few times before, and they've usually been caused by attemts to configure AS path prepending without understanding and/or reading the docs.
Someone might have wrongly assumed that
set as-path prepend 133711 133711
could be written shorter like
set as-path prepend 133711 2
and there you go...
Yes, ASN2 sees about 1-4 configuration related "rogue" announcements per month. What is going on right now does not appear to be a small misconfiguration. The only route we (University of Delaware) are announcing w/ ASN2 is 128.4.0.0/16. Jason Jason Cash Deputy CIO University of Delaware cash@udel.edu 302-831-0461