FYI for the group -- we just published this: https://blog.cloudflare.com/how-verizon-and-a-bgp-optimizer-knocked-large-pa... _________________ *Justin Paine* Director of Trust & Safety PGP: BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D 101 Townsend St., San Francisco, CA 94107 On Mon, Jun 24, 2019 at 2:25 PM Mark Tinka <mark.tinka@seacom.mu> wrote:
On 24/Jun/19 18:09, Pavel Lunin wrote:
Hehe, I haven't seen this text before. Can't agree more.
Get your tie back on Job, nobody listened again.
More seriously, I see no difference between prefix hijacking and the so called bgp optimisation based on completely fake announces on behalf of other people.
If ever your upstream or any other party who your company pays money to does this dirty thing, now it's just the right moment to go explain them that you consider this dangerous for your business and are looking for better partners among those who know how to run internet without breaking it.
We struggled with a number of networks using these over eBGP sessions they had with networks that shared their routing data with BGPmon. It sent off all sorts of alarms, and troubleshooting it was hard when a network thinks you are de-aggregating massively, and yet you know you aren't.
Each case took nearly 3 weeks to figure out.
BGP optimizers are the bane of my existence.
Mark.