On Jan 14, 2009, at 2:52 PM, Michienne Dixon wrote:
Well, if you really want to pick knits you are welcome to. If I meant prepending, I would have said that. The example that I listed was setting up a router, advertising the ASNs listed and the random IP ranges gleaned from IANA. Sorry if I confused you.
The point I believe John is trying to make is that *ASNs are not announced*. There are no advertisements that say "this is how to get to ASN X". BGP updates specifically announce network layer reachability. This is an important point in this discussion. There are a lot of comments being made that are just simply wrong and causing confusion because of slips in terminology regarding the path attribute. Kris
-----Original Message----- From: John Payne [mailto:john@sackheads.org] Sent: Wednesday, January 14, 2009 3:57 PM To: Michienne Dixon Cc: NANOG list Subject: Re: Anyone notice strange announcements for 174.128.31.0/24
On Jan 14, 2009, at 10:50 AM, Michienne Dixon wrote:
Interesting - So as a cyber criminal - I could setup a router, start announcing AS 16733, 18872, and maybe 6966 for good measure and their routers would ignore my announcements and IP ranges that I siphoned from searching IANA? Hm... Would that also prevent them from accessing my rogue network from their network?
What do you mean "announcing AS 16733..." ?
Putting 16733 in an AS PATH is not announcing it.
- Michienne Dixon Network Administrator liNKCity 312 Armour Rd. North Kansas City, MO 64116 www.linkcity.org (816) 412-7990
-----Original Message----- From: Simon Lockhart [mailto:simon@slimey.org] Sent: Wednesday, January 14, 2009 2:07 AM To: Hank Nussbacher Cc: NANOG list Subject: Re: Anyone notice strange announcements for 174.128.31.0/24
On Wed Jan 14, 2009 at 09:59:14AM +0200, Hank Nussbacher wrote:
What if, by doing some research experiment, the researcher discovers some unknown and latent bug in IOS or JunOS that causes much of the Internet to go belly up? 1 in a billion chance, but nonetheless, a headsup would have been in order.
Say we had a customer who connected to us over BGP, and they used some
new experimental BGP daemon. Their announcement was "odd" in some way,
but appeared clean to us (a Cisco house). Once their announcement hit the a Foundry router, it tickled a bug which caused the router to propogate the announcement, but also start to blackhole traffic. Oh dear, large chunks of the Internet have just gone belly up.
Should we have given a heads up to the Internet at large that we were turning up this customer?
Simon (Yes, I'm in the minority that thinks that Randy hasn't done anything bad) --
Simon Lockhart | * Sun Server Colocation * ADSL * Domain Registration * Director | * Domain & Web Hosting * Internet Consultancy * Bogons Ltd | * http://www.bogons.net/ * Email: info@bogons.net *