Regarding smaller prefix for hijack protection

Jon Lewis jlewis at lewis.org
Thu Aug 30 12:08:39 UTC 2012


On Thu, 30 Aug 2012, Anurag Bhatia wrote:

> I tried looking on the net but couldn't find a direct answer, so thought to ask
> here for some advice.
>
> Is using /24 a must to protect (a bit) against route hijacking? We all
> remember case of YouTube 2008 and hijacking in Pakistan. At that time
> YouTube was using /22 and thus /24 (more specific) announcement took almost
> all of Google's traffic even when AS path was long. So Google's direct also
> likely sent packets to Pakistan. Later Google too used /24 (and I guess /25
> too to affect some region of internet). Similar case I remember for issue
> reported between Altus and hijacking by someone connected to Cleveland
> exchange when ISP was using /23 and spammer used /24.
>
>
> So can we conclude that one should always use /24 to make sure that they
> lose as little as possible traffic during prefix hijacking?

As an exercise, grab a copy of the global routing table, convert all 
shorter than /24 networks into /24s and tell us, how big is your 
hijack-resistant global table now?  How many networks will be unable to 
handle it because it overflows their routers' route table capacity?

In short, no...you/everyone should not announce all their space as /24s 
just in case someone tries to or accidentally hijacks some of their space. 
Your solution does not scale.

----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
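
The exercise proposed in the reply above, as an added example that is not part of the original message: it counts how many IPv4 routes a table holds once every prefix shorter than /24 is split into /24s. The prefix list, the function names and the capacity figure are constructed for illustration; a real run would read prefixes from a routing table dump.

```python
import ipaddress

# Constructed sample table (documentation and private ranges), not real routing data.
SAMPLE_TABLE = [
    "10.0.0.0/8",
    "10.1.0.0/16",      # more-specific already covered by 10.0.0.0/8
    "172.16.0.0/12",
    "192.168.0.0/16",
    "198.51.100.0/24",
    "203.0.113.0/24",
    "192.0.2.0/25",     # longer than /24, stays as announced
]

def deaggregated_size(prefixes, target_len=24):
    """Count IPv4 routes after splitting every shorter prefix into /target_len."""
    nets = {ipaddress.ip_network(p) for p in prefixes}
    short = [n for n in nets if n.prefixlen <= target_len]
    longer = [n for n in nets if n.prefixlen > target_len]
    # Collapsing first removes overlaps, so each /24 is counted only once.
    split = sum(2 ** (target_len - n.prefixlen)
                for n in ipaddress.collapse_addresses(short))
    return split + len(longer)

def overflows(prefixes, capacity, target_len=24):
    """True if the deaggregated table exceeds a router's route capacity."""
    return deaggregated_size(prefixes, target_len) > capacity

if __name__ == "__main__":
    before = len(SAMPLE_TABLE)
    after = deaggregated_size(SAMPLE_TABLE)
    print(f"routes before: {before}, after /24 deaggregation: {after}")
    # 50000 is a hypothetical capacity chosen for the sample, not a real device limit.
    print("overflows capacity of 50000:", overflows(SAMPLE_TABLE, 50000))
```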
