Regarding smaller prefix for hijack protection
andy at nosignal.org
Thu Aug 30 16:59:56 UTC 2012
On 30/08/12 12:54, Anurag Bhatia wrote:
> Is using /24 a must to protect (a bit) against route hijacking?
Announcing your, say /19 as 32 /24s does not prevent someone from trying
to hijack you, you will still get some disruption if someone tries, but
you might limit the scope of their success or the scope of your
perceived outage (which is why temporary shorter prefixes are announced
in order to limit the effects of hijacks, including in the example you
Far more useful to monitor and take evasive action in the event of a hijack.
> So can we conclude that one should always use /24 to make sure that they
> loose as little as possible traffic during prefix hijacking?
There is not room for 4bn entries in the routing table. You deserved to
be filtered off the net if you try this stunt !
More information about the NANOG