BGP to doom us all

• Previous message (by thread): BGP to doom us all
• Next message (by thread): BGP to doom us all
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 28 Feb 2003, Steven M. Bellovin wrote:
> >> My own opinion is that sophisticated routing attacks are the
> >> single biggest threat to the Internet.
> >
> >My opinion is that lazy operational practices are the single biggest threat to
> >the Internet. What's the point of building security and robustness into a syst
> >em
> >when people choose not to turn it on?
> >
>
> "Never attribute to malice what can be explained by incompetence".

How do you tell the difference?  There have been weird routing problems
on the Net for a long time.  Some have been large, and quickly fixed.
Others have been small, and aren't fixed (as quickly).  Some don't even
cause problems, but route traffic through unusual places.  There have
been a few poison packets over the years which crashed alternate
implementations.  Although I still think the recovery mechanism was
sometimes worse than the problem.

I'll be stupid, and ask some questions I've always wondered about.

Why should routes learned by eBGP have a higher priority than iBGP?

Why should BGP implementations flap all good routes when they see a single
bad route packet?

Why don't SWIP forms include Origin-AS?

• Previous message (by thread): BGP to doom us all
• Next message (by thread): BGP to doom us all
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]