Cogent leaking /32s?

Alex H. Ryu r.hyunseog at ieee.org
Fri Oct 2 16:01:07 UTC 2009


If there is DDoS attack going on from/to specific /32, sometimes they do
that to avoid too much overload for the network.
Cogent should give the answer for what's going on.

Alex

Zak Thompson wrote:
> We had a problem with cogent about a year ago.  Somehow.. cymru was
> announcing a /32 of ours and black holing it for whatever reason.  It
> was removed but wasn't happy that cogent was allowing cymru to do this
> sort of action.  To this date we do not have a valid reason from cogent
> on why they allowed this to happen.
>
> Cheers,
> Zak Thompson
>
>
>
> -----Original Message-----
> From: ML [mailto:ml at kenweb.org] 
> Sent: Friday, October 02, 2009 7:23 AM
> To: nanog at nanog.org
> Subject: Cogent leaking /32s?
>
> I received an alert from Cyclops telling me a probe in AS513 had seen a 
> /32 that I announce to Cogent for one of our BGP sessions.
>
> Did anyone else see this?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>   





More information about the NANOG mailing list