Anyone notice strange announcements for 126.96.36.199/24
john at sackheads.org
Thu Jan 15 12:45:26 UTC 2009
On Jan 14, 2009, at 6:22 PM, kris foster wrote:
> On Jan 14, 2009, at 2:52 PM, Michienne Dixon wrote:
>> Well, if you really want to pick knits you are welcome to. If I
>> prepending, I would have said that. The example that I listed was
>> setting up a router, advertising the ASNs listed and the random IP
>> ranges gleaned from IANA. Sorry if I confused you.
> The point I believe John is trying to make is that *ASNs are not
> announced*. There are no advertisements that say "this is how to get
> to ASN X". BGP updates specifically announce network layer
> This is an important point in this discussion. There are a lot of
> comments being made that are just simply wrong and causing confusion
> because of slips in terminology regarding the path attribute.
Thanks Kris - exactly what I was getting to.
>> -----Original Message-----
>> From: John Payne [mailto:john at sackheads.org]
>> Sent: Wednesday, January 14, 2009 3:57 PM
>> To: Michienne Dixon
>> Cc: NANOG list
>> Subject: Re: Anyone notice strange announcements for 188.8.131.52/24
>> On Jan 14, 2009, at 10:50 AM, Michienne Dixon wrote:
>>> Interesting - So as a cyber criminal - I could setup a router, start
>>> announcing AS 16733, 18872, and maybe 6966 for good measure and
>>> routers would ignore my announcements and IP ranges that I siphoned
>>> from searching IANA? Hm... Would that also prevent them from
>>> accessing my rogue network from their network?
>> What do you mean "announcing AS 16733..." ?
>> Putting 16733 in an AS PATH is not announcing it.
>>> Michienne Dixon
>>> Network Administrator
>>> 312 Armour Rd.
>>> North Kansas City, MO 64116
>>> (816) 412-7990
>>> -----Original Message-----
>>> From: Simon Lockhart [mailto:simon at slimey.org]
>>> Sent: Wednesday, January 14, 2009 2:07 AM
>>> To: Hank Nussbacher
>>> Cc: NANOG list
>>> Subject: Re: Anyone notice strange announcements for 184.108.40.206/24
>>> On Wed Jan 14, 2009 at 09:59:14AM +0200, Hank Nussbacher wrote:
>>>> What if, by doing some research experiment, the researcher
>>>> some unknown and latent bug in IOS or JunOS that causes much of the
>>>> Internet to go belly up? 1 in a billion chance, but nonetheless, a
>>>> headsup would have been in order.
>>> Say we had a customer who connected to us over BGP, and they used
>>> new experimental BGP daemon. Their announcement was "odd" in some
>>> but appeared clean to us (a Cisco house). Once their announcement
>>> the a Foundry router, it tickled a bug which caused the router to
>>> propogate the announcement, but also start to blackhole traffic. Oh
>>> dear, large chunks of the Internet have just gone belly up.
>>> Should we have given a heads up to the Internet at large that we
>>> turning up this customer?
>>> (Yes, I'm in the minority that thinks that Randy hasn't done
>>> Simon Lockhart | * Sun Server Colocation * ADSL * Domain
>>> Director | * Domain & Web Hosting * Internet Consultancy *
>>> Bogons Ltd | * http://www.bogons.net/ * Email:
>>> info at bogons.net *
More information about the NANOG