So -- what did happen to Panix?
karlinjf at cs.unm.edu
Wed Feb 8 16:08:07 UTC 2006
Here is what we propose in PGBGP. If you have a more specific route
and its AS Path does not contain any of the less specific route's
origins, then ignore it for a day and keep routing to the less
specific origin. If it's legitimate the less specific origin should
forward the data on for the day.
We see about 30 of these suspicious routes per day.
I imagine some of you will not like this sceheme. Please let me know why.
On 2/8/06, Jeffrey Haas <jhaas at nexthop.com> wrote:
> On Wed, Feb 08, 2006 at 04:37:31AM +0000, Christopher L. Morrow wrote:
> > I had thought Josh's paper (or maybe not josh, whomever it was) said
> > something along the lines of:
> > 1) if more than one announcement prefer 'longer term', 'older', 'more
> > usual' route
> > 2) if only one route take it and run!
> FWIW, this sort of mechanism was discussed among the IETF RPSEC WG
> task group that is working on BGP security requirements.
> On the presumption that some database of stable routes and paths
> is present, you could bias your preference in your routes for
> more stable routes and paths.
> You would also need to decide what to do about more specific routes
> covered by stable routes. Do you ignore them? This is a harder
> Jeff Haas
> NextHop Technologies
More information about the NANOG