Home page logo

nanog logo nanog mailing list archives

illicit above.net announcements?
From: Kai Schlichting <kai () pac-rim net>
Date: Thu, 01 Jun 2000 12:10:23 -0400

Anyone here who is on the Vienna/London/Amsterdam exchange(s) and
who is seeing what is alleged here: above.net leaking and/or
flapping routes that are not their own ?

Is there a lookingglass at any of these exchanges that is publicly


Delivered-To: majordom-abusespamtools-out () xuxa iecc com
Date: Fri, 2 Jun 2000 04:13:23 +1200 (NZST)
From: Alan Brown <alan () manawatu gen nz>
X-Sender: alanb () mailhost manawatu net nz
To: Kai Schlichting <kai () conti nu>
cc: spamtools () abuse net
Subject: Re: [spamtools] Re: spamtools-digest V2 #326
Sender: owner-spamtools () abuse net
Reply-To: spamtools () abuse net

On Thu, 1 Jun 2000, Kai Schlichting wrote:

Hmm, please give me a list of the routes advertised as well as the
peering points this was or is seen at.

Vienna Internet Exchange.

London Internet Exchange.

Amsterdam Internet Exchange.

Routes are 202.36.147/24, 202.36.148/24 and 202.50.71/24 ie superblocks
of the same.

Any exchange that is more
than a backroom operation in someone's closet has a policy prohibiting
such unauthorized announcements. I will assume for now that these
are route leaks that are escaping through above.net's BGP distribution
filters: something that is entirely within the real of possibility,
but which has to be stopped.

My suppliers refuse to stop advertising the /16s containing my netblocks
into above.net - but claim to have set up /24 adverts into their other

Unfortunately, those /24 adverts appear to be flapping. <sarcasm>I
wonder who could be causing that and why they'd do it? </sarcasm>


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]