On Sun, 8 Jul 2007, Marcus H. Sachs wrote:
If we had routing registries that were accurate and authoritative, then soBGP/S-BGP would have something to verify a route change against. It should not matter if last Friday's event was a leak or a false announcement - with some sort of verification system we could mitigate errors, intentional or accidental.
either way, in this case (and a number of other public incidents/outages in the last 3 years) simple prefix-list application would have resolved the issue. Cogent leak via (i think) turk-telecom NY-Edison leak 9918 leak this-leak all would have been prevented with the most simple of steps: "prefix filter your customers". While S*BGP seem like they may offer additional protections and additional knobs to be used for protecting 'us' from 'them', the very basics are obviously not being done so added complexity is not going to really help :( Or, perhaps its not that its not going to help its just not going to get done because even prefix-lists are 'too hard', apparently. -Chris