Why not to use RPKI (Was Re: Argus: a hijacking alarm system)
xiangy08 at csnet1.cs.tsinghua.edu.cn
Mon Jan 23 09:51:00 CST 2012
2012/1/23 Christopher Morrow <morrowc.lists at gmail.com>
> ok, that seems squirrelly still :(
> so, take routeviews for example, they peer almost exclusively
> ebgp-multi-hop, so any 'best path' you see there isn't actually usable
> by the route-server... all traffic has to take the local transport out
> of the routeviews system, off to the internet and beyond. So, your
> blackhole testing isn't actually testing what you want, I think :(
it is not a serious problem, I think.
1). we do not use routeviews-like routeservers for hijacking
identification, we only use router.
2). there is a high possibility that, the 'best path' is the path in FIB
3). if the 'best path' is not the path in FIB,
there is still a high possibility that the 'best path' is the path in
the FIB of other routes in the same AS.
4), our criterion is a threshold of a fingerprint, not a extremum.
the fingerprint evaluated the possibility.
hope I'm not wrong. :)
Yang Xiang. Ph.D candidate. Tsinghua University
More information about the NANOG