The upstreams should certainly be filtering this. I am truly surprised someone is still leaking a ten/8 network to the world.

I'm not surprised someone is still leaking a 10/8 network. Remember "Trust, but verify...." I'm surprised anyone on this list would still be accepting 10/8 (and admit it). In-bound filters are as important as out-bound filters. And out-bound filters are as important as in-bound filters. Its a fact of life, everyone makes mistakes. It doesn't matter if it is an upstream, downstream, or sideways connection. There have been mistakes made in all directions. You need filters on both sides, in both directions. This is why its important to know what your upstream, downstream and sideways connections should be announcing, otherwise it is very difficult to tell when one of your upstream, downstream or sideways connections announces something they shouldn't. Of course, finding out what they should be announcing, storing the list on your router, and finding enough CPU to process the access lists, is another topic. See previous thousand messages on that topic. This isn't rocket science, its management science. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation