Florian Weimer wrote:
I think this is over the line. You can't put other people's IDs into routing data on production networks. (Well, technically you can, obviously, but you shouldn't.)
Actually, the placement of the ASN is exactly what they need to do the test, as it is treated as a routing loop and discarded. This allows for fancy reachability tests while a portion of the network cannot see the route in question. Of course, people track their ASN usage these days and get red alarms when their ASN shows up in ways unexpected. I'm not completely sure why the ASN matters, except it's probably just a bonus service to route hijacking detection (since ASN hijacking doesn't exactly serve a purpose except to limit the route being advertised and perhaps leave someone complaining to the wrong person if the hijacker is doing bad things). Jack