On Sat, Oct 10, 2009 at 4:24 PM, ML <ml@kenweb.org> wrote:
Matthew Huff wrote:
About 4 hours ago BGPmon picked up a rogue announcement of 129.77.0.0 from AS9035 (ASN-WIND Wind Telecomunicazioni spa) with an upstream of AS1267 (ASN-INFOSTRADA Infostrada S.p.A.). I don't see it now on any looking glass sites. Hopefully this was just a typo that was quickly corrected. I would appreciate if people have time and can double check let me know if any announcements are active except from our AS6128/AS6395 upstreams.
If this were to persist, what would be the best course of action to resolve it, especially given that the AS was within RIPE.
---- Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139
Was there an explanation for the leak posted?
Maybe this was a coincidence but the only prefixes I received alerts on were prefixes I only advertise to Level3. There was one exception. There was a leaked prefix that is the next /24 above on our Level3 only prefixes.
-ML
on a side note, has anyone that's running any of these type of monitoring services performed any analysis or compiled any metrics on leaks? (renesys maybe?) personally, i'd be sort of interested in seeing some stats on leaks such as: origin (asn/network, country, common/exchange point) duration of leak size of leak # of upstream networks that accepted the leaked prefixes asn of networks that accepted the leak # of incidents per network/repeat offenders -ck