y'all,

On Mon, Feb 25, 2008 at 06:49:35AM -0800, Barry Greene (bgreene) wrote:
Seriously -- a number of us have been warning that this could happen. More precisely, we've been warning that this could happen *again*; we all know about many older incidents, from the barely noticed to the very noisy. (AS 7007, anyone?) Something like S-BGP will stop this cold.
Yes, I know there are serious deployment and operational issues. The question is this: when is the pain from routing incidents great enough that we're forced to act? It would have been nice to have done something before this, since now all the world's script kiddies have seen what can be done.
BCPs stop this problem. soBGP may make it easier.
except in the most meaningless of interpretations, i don't see how BCPs solve this problem. Barry: did you mean:

"If only everyone on the Internet would perfectly filter their customers' prefix announcements on every connection, then everything would be fine?"

Or perhaps:

"If everyone would register all of their prefixes in some applicable routing registry with such a degree of accuracy that we could build customer and peer filters out of it then this problem would go away." ?

both are true statements, but neither is ever going to happen (i'm not sure that sBGP or soBGP is going to happen ever either).

in the meantime all we can do is watch and try to respond to events as quickly as they occur. In fact, we would all be better off if more people were just watching their prefix announcement propagations. Although this hijacking/blackholing was caught quickly, i have seen many other cases where the event lasted for hours (or days).

by the way: my colleague Martin A. Brown (who spoke at NANOG on the Taiwan Earthquakes), has written a fairly detailed blog post on this event. It includes a detailed timeline and some information for people who might find that useful.

http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml

Clearly this is not the first interesting accidental hijacking and certainly won't be the last.

t.

--
_____________________________________________________________________
todd underwood                        +1 603 643 9300 x101
renesys corporation                   general manager babbledog
todd@renesys.com                      http://www.renesys.com/blog
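
The kind of announcement watching described in the message above, as an added example that is not part of the original post: a Python check that compares observed announcements against the origin AS expected for each monitored prefix and flags foreign origins and unexpected more-specifics. The prefixes, AS numbers and observations are constructed from documentation ranges, and the names `EXPECTED`, `OBSERVED`, `classify` and `scan` are hypothetical.

```python
import ipaddress

# Constructed data: prefixes we originate and the AS expected to originate them
# (documentation prefixes and documentation AS numbers only).
EXPECTED = {
    ipaddress.ip_network("192.0.2.0/24"): 64496,
    ipaddress.ip_network("2001:db8::/32"): 64496,
}

# Constructed observations: (prefix, AS path seen by a monitor), origin AS last.
OBSERVED = [
    ("192.0.2.0/24", [64500, 64499, 64496]),   # our own announcement
    ("192.0.2.0/25", [64500, 64510, 64511]),   # more-specific, foreign origin
    ("192.0.2.0/24", [64501, 64511]),          # same prefix, foreign origin
    ("2001:db8:1::/48", [64500, 64496]),       # more-specific from our own AS
    ("198.51.100.0/24", [64500, 64502]),       # not one of our prefixes
]


def classify(prefix, as_path, expected=EXPECTED):
    """Return (alert, covering_prefix) for one observed announcement."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for ours, asn in expected.items():
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version != ours.version or not net.subnet_of(ours):
            continue
        more_specific = net.prefixlen > ours.prefixlen
        if origin != asn:
            # A foreign more-specific wins longest-prefix match everywhere it
            # propagates, so it is reported separately from a plain mismatch.
            kind = "MORE_SPECIFIC_FOREIGN_ORIGIN" if more_specific else "ORIGIN_MISMATCH"
            return (kind, str(ours))
        if more_specific:
            return ("UNEXPECTED_MORE_SPECIFIC", str(ours))
        return ("OK", str(ours))
    return ("NOT_MONITORED", None)


def scan(observed=OBSERVED):
    """Classify every observation: (prefix, origin AS, alert, covering prefix)."""
    return [(p, path[-1], *classify(p, path)) for p, path in observed]


if __name__ == "__main__":
    for row in scan():
        print(row)
```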