Seeing the same thing here. Had alerts from Cyclops roll in for all 7 of our prefixes at: 2009-07-28 08:30:26, lasted 35 mins or so: Alert ID: 4910940 Alert type: origin change Monitored ASN,prefix: 174.137.112.0/20 Offending attribute: 174.137.112.0/20-13214 Date: 2009-07-28 08:30:26 UTC Duration: 00:00:01 (hh:mm:ss) --kyle On Tue, Jul 28, 2009 at 7:53 AM, sjk<sjk@sleepycatz.com> wrote:
Russell Heilling wrote:
2009/5/11 Ricardo Oliveira <rveloso@cs.ucla.edu>:
Hi all,
First, thanks for using Cyclops, and thanks for all the Cyclops users that drop me a message about this.
It seems some router in AS13214 decided to originate all the prefixes and send them to AS48285 in the Caymans, all the ASPATHs are 48285 13214. The first announcement was on 2009-05-11 11:03:11 UTC and last on 2009-05-11 12:16:32 UTC, there were 266,289 prefixes leaked (they were withdrawn afterwards)
It looks like AS13214 are misbehaving again... We have just started receiving cyclops alerts indicating that AS13214 is announcing our prefixes again:
We are seeing the same thing for two of our prefixes:
Offending attribute: 66.251.224.0/19-13214
Offending attribute: 66.146.192.0/19-48285
Pretty annoying
--steve