Suspecious anycast prefixes

Yaoqing(Joey) Liu joey.liuyq at
Thu May 5 14:36:50 UTC 2011

On Thu, May 5, 2011 at 3:54 AM, Joe Abley <jabley at> wrote:
> On 2011-05-05, at 11:46, bmanning at wrote:
>> On Wed, May 04, 2011 at 10:23:12PM -0500, Yaoqing(Joey) Liu wrote:
>>> AS4555:ASName: EP0-BLK-ASNBLOCK-5;OrgName:Almond Oil Process, LLC.
>>> AS9584:as-name:GENESIS-AP| Limited|country:HK
>>> AS20144:ASName: L-ROOT;Comment:distributed using Anycast.
>>> AS42909: as-name:         COMMUNITYDNS;descr:           Internet
>>> Computer Bureau Ltd
>>       according to Filip, this is -NOT- supposed to be
>>       anycast.  the only legal origin ASN is 4555.
>>       these other ASNs have hijacked the prefix.
> The source data above may be old, or simply wrong -- I don't see *any* AS originating that prefix right now, and I can confirm specifically AS20144 is not configured to originate it.

This is based on last four year's data(2007-2010)collected from more
than 120 peers around the world. Today it may be not announced
anymore, but it used to be announced by the four ASNs simultaneously.
I just checked the detailed info about this prefix, here it is about
the prefix:
(ASN: average peers announcing this prefix:existing period:total
appearing days: MOAS period: total appearing days)
MY source data
> Perhaps I'm misunderstanding the original question, but the assertion that anybody is hijacking that particular prefix seems false.
This needs to do further analysis to confirm if it was hijacked

> Joe

More information about the NANOG mailing list