[#135346] Unauthorized BGP Announcements (follow up to Hijacked Networks)

George Bonser gbonser at seven.com
Wed Feb 1 21:21:01 UTC 2012


> The problem is no one will actually blacklist a big ASN because its not
> in the individual best interest, which scales greatly with size. RPKI
> is pretty much the only real fix for this if the chain until the major
> carrier refuses to delist, and RPKI has it's own issues.
> 
> -Blake

Sadly, you're right. But my guess is that such a blacklisting would have to be done for only a very short period of time and once it is done once or twice, it would never need to be done again.  But it probably is too big a hammer.

Until there is some sort of registry that is the source of truth and is easy to use (distributed?), we're going to keep repeating this process.  




More information about the NANOG mailing list