Anyone notice strange announcements for 22.214.171.124/24
kris.foster at gmail.com
Wed Jan 14 23:22:53 UTC 2009
On Jan 14, 2009, at 2:52 PM, Michienne Dixon wrote:
> Well, if you really want to pick knits you are welcome to. If I meant
> prepending, I would have said that. The example that I listed was
> setting up a router, advertising the ASNs listed and the random IP
> ranges gleaned from IANA. Sorry if I confused you.
The point I believe John is trying to make is that *ASNs are not
announced*. There are no advertisements that say "this is how to get
to ASN X". BGP updates specifically announce network layer reachability.
This is an important point in this discussion. There are a lot of
comments being made that are just simply wrong and causing confusion
because of slips in terminology regarding the path attribute.
> -----Original Message-----
> From: John Payne [mailto:john at sackheads.org]
> Sent: Wednesday, January 14, 2009 3:57 PM
> To: Michienne Dixon
> Cc: NANOG list
> Subject: Re: Anyone notice strange announcements for 126.96.36.199/24
> On Jan 14, 2009, at 10:50 AM, Michienne Dixon wrote:
>> Interesting - So as a cyber criminal - I could setup a router, start
>> announcing AS 16733, 18872, and maybe 6966 for good measure and their
>> routers would ignore my announcements and IP ranges that I siphoned
>> from searching IANA? Hm... Would that also prevent them from
>> accessing my rogue network from their network?
> What do you mean "announcing AS 16733..." ?
> Putting 16733 in an AS PATH is not announcing it.
>> Michienne Dixon
>> Network Administrator
>> 312 Armour Rd.
>> North Kansas City, MO 64116
>> (816) 412-7990
>> -----Original Message-----
>> From: Simon Lockhart [mailto:simon at slimey.org]
>> Sent: Wednesday, January 14, 2009 2:07 AM
>> To: Hank Nussbacher
>> Cc: NANOG list
>> Subject: Re: Anyone notice strange announcements for 188.8.131.52/24
>> On Wed Jan 14, 2009 at 09:59:14AM +0200, Hank Nussbacher wrote:
>>> What if, by doing some research experiment, the researcher discovers
>>> some unknown and latent bug in IOS or JunOS that causes much of the
>>> Internet to go belly up? 1 in a billion chance, but nonetheless, a
>>> headsup would have been in order.
>> Say we had a customer who connected to us over BGP, and they used
>> new experimental BGP daemon. Their announcement was "odd" in some
>> but appeared clean to us (a Cisco house). Once their announcement hit
>> the a Foundry router, it tickled a bug which caused the router to
>> propogate the announcement, but also start to blackhole traffic. Oh
>> dear, large chunks of the Internet have just gone belly up.
>> Should we have given a heads up to the Internet at large that we were
>> turning up this customer?
>> (Yes, I'm in the minority that thinks that Randy hasn't done anything
>> Simon Lockhart | * Sun Server Colocation * ADSL * Domain Registration
>> Director | * Domain & Web Hosting * Internet Consultancy *
>> Bogons Ltd | * http://www.bogons.net/ * Email: info at bogons.net *
More information about the NANOG