
nanog mailing list archives

Re: Anyone notice strange announcements for 174.128.31.0/24
From: David Barak <thegameiam () yahoo com>
Date: Tue, 13 Jan 2009 08:53:42 -0800 (PST)






--- On Tue, 1/13/09, Jared Mauch <jared () puck nether net> wrote:

      No, they are both victims.  If I inject a path that purports there is an edge between two networks which are engaged in a bitter dispute, (I'll use Cogent & Sprint as an example) - _1239_174_ that may create a situation where someone asserts that their routes are being filtered when in fact no connectivity exists.

That's a theoretical possibility, but who would be the one doing the asserting?  I would argue that it would either be 
the owner of the announced space or someone trying to reach it.  In this case, nobody was trying to reach the /24 in 
question, and the owner was the one doing the experiment.  Victimless crime, at most.



      Does that mean that I hijacked their identity and forged it?  What level of trust do you place in the AS_PATH for your routing, debugging and decision making process?

AS_PATH != identity, and I would not recommend loading the latter onto the former.


      Personally, I would be upset if someone injected a route with my ASN in the AS_PATH without my permission.

Why?  Is this a theoretical "because it's ugly" complaint, or is there a reason why manipulating this particular BGP 
attribute in this particular way is so bad?  Organizations do filtering and routing manipulation all over the place.  
Is there something worse about doing it this way than others?

David Barak
Need Geek Rock?  Try The Franchise: 
http://www.listentothefranchise.com
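
The quoted concern above is a path that asserts an edge such as `_1239_174_` where no connectivity exists. As an added example (not part of the original message), an operator can check AS_PATHs seen at a route collector for edges that place their own ASN next to an AS they do not peer with. The neighbour set, the ASNs 64496-64502 and the sample routes are constructed, and paths are assumed to be plain AS sequences with no AS_SET segments.

```python
# Added example: find AS_PATH edges that put our ASN beside a non-neighbour.
# ASNs 174 and 1239 and the /24 come from the thread; everything else
# (neighbour list, 64496-64502, the routes themselves) is constructed.

SAMPLE_ROUTES = [
    ("174.128.31.0/24", "64500 1239 174 64501 64496"),          # asserts edge 1239-174
    ("192.0.2.0/24",    "64500 64501 174 174 174 64502 64497"),  # prepending only
    ("198.51.100.0/24", "64500 64502 64498"),                    # our ASN not in path
]

def collapse_prepends(path):
    """Drop consecutive duplicate ASNs (prepending) so adjacency is meaningful."""
    out = []
    for asn in path:
        if not out or out[-1] != asn:
            out.append(asn)
    return out

def unexpected_edges(as_path, my_asn, known_neighbors):
    """Return (left, right) pairs that include my_asn and an AS we do not peer with."""
    hops = collapse_prepends([int(a) for a in as_path.split()])
    bad = []
    for left, right in zip(hops, hops[1:]):
        if my_asn in (left, right):
            other = right if left == my_asn else left
            if other not in known_neighbors:
                bad.append((left, right))
    return bad

def audit(routes, my_asn, known_neighbors):
    """routes: iterable of (prefix, as_path). Returns {prefix: [edges]} for flagged routes."""
    findings = {}
    for prefix, as_path in routes:
        edges = unexpected_edges(as_path, my_asn, known_neighbors)
        if edges:
            findings.setdefault(prefix, []).extend(edges)
    return findings

if __name__ == "__main__":
    # View from AS 174 with a constructed neighbour list.
    for prefix, edges in audit(SAMPLE_ROUTES, 174, {64501, 64502}).items():
        print(prefix, "asserts unverified edges:", edges)
```

A flagged edge only shows that the path disagrees with the operator's own peering records; it does not say who inserted it or why.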



      

