On Thu, May 31, 2018 at 02:40:06PM +0000, Job Snijders wrote:
Upon further inspection, it seems more likely that the bgp optimiser is in ColoAU's network. Given the scale of AS 4637, if it were deployed inside Telstra I'd expect more problem reports. AS 4637 may actually just be an innocent bystander.
It is interesting to note that the /23 only appears on their Sydney based routers on https://lg.coloau.com.au/
Is ColoAU's refusal to cooperate a matter of misunderstanding? Perhaps you should just straight up ask whether they use any type of "network optimisation" appliance.
I found a few more interesting routes inside ColoAU's looking glass: 128.10.4.0/24 - AS_PATH 63956 4637 3257 29909 16532 16532 16532 16532 (should be 128.10.0.0/16 originated by AS 17, Purdue University) 192.54.130.0/24 - AS path: 135069 9439 (does not exist in the DFZ, a peering lan prefix? a typo?) 67.215.73.0/24 - AS path: 2764 1221 36692 (does not exist in the DFZ, a peering lan prefix? a typo?) ColoAU propagated the above routes to their transit customers, so the 128.10.4.0/24 and 18.29.238.0/23 announcements definitely count as BGP hijacks with fabricated an AS_PATH. Kind regards, Job