Indonesian ISP Moratel announces Google's prefixes
Patrick W. Gilmore
patrick at ianai.net
Wed Nov 7 05:26:59 UTC 2012
On Nov 07, 2012, at 00:21 , Jian Gu <guxiaojian at gmail.com> wrote:
> I don't know what Google and Moratel's peering agreement, but "leak"?
> educate me, Google is announcing /24 for all of their 4 NS prefix and
> 8.8.8.0/24 for their public DNS server, how did Moratel leak those routes
> to Internet?
Downthread, someone said what is typical with peering prefixes, i.e. announce to customers, not to peers or upstreams. How do you think peering works?
However, I place most of the blame on PCCW for crappy filtering of their customers. And I'm a little surprised to see nLayer in the path. Shame on them! (Does that have any effect any more? :)
Oh, and we are still waiting for an answer: Which attribute do you think Google could have used to stop this?
--
TTFN,
patrick
> On Tue, Nov 6, 2012 at 9:13 PM, Patrick W. Gilmore <patrick at ianai.net>wrote:
>
>> On Nov 07, 2012, at 00:07 , Jian Gu <guxiaojian at gmail.com> wrote:
>>
>>> Where did you get the idea that a Moratel customer announced a
>> google-owned
>>> prefix to Moratel and Moratel did not have the proper filters in place?
>>> according to the blog, all google's 4 authoritative DNS server networks
>> and
>>> 8.8.8.0/24 were wrongly routed to Moratel, what's the possiblity for a
>>> Moratel customers announce all those prefixes?
>>
>> Ah, right, they just leaked Google's prefix. I thought a customer
>> originated the prefix.
>>
>> Original question still stands. Which attribute do you expect Google to
>> set to stop this?
>>
>> Hint: Don't say No-Advertise, unless you want peers to only talk to the
>> adjacent AS, not their customers or their customers' customers, etc.
>>
>> Looking forward to your answer.
>>
>> --
>> TTFN,
>> patrick
>>
>>
>>> On Tue, Nov 6, 2012 at 9:02 PM, Patrick W. Gilmore <patrick at ianai.net
>>> wrote:
>>>
>>>> On Nov 06, 2012, at 23:48 , Jian Gu <guxiaojian at gmail.com> wrote:
>>>>
>>>>> What do you mean hijack? Google is peering with Moratel, if Google does
>>>> not
>>>>> want Moratel to advertise its routes to Moratel's peers/upstreams, then
>>>>> Google should've set the correct BGP attributes in the first place.
>>>>
>>>> That doesn't make the slightest bit of sense.
>>>>
>>>> If a Moratel customer announced a Google-owned prefix to Moratel, and
>>>> Moratel did not have the proper filters in place, there is nothing
>> Google
>>>> could do to stop the hijack from happening.
>>>>
>>>> Exactly what attribute do you think would stop this?
>>>>
>>>> --
>>>> TTFN,
>>>> patrick
>>>>
>>>>
>>>>> On Tue, Nov 6, 2012 at 3:35 AM, Anurag Bhatia <me at anuragbhatia.com>
>>>> wrote:
>>>>>
>>>>>> Another case of route hijack -
>>>>>>
>>>>
>> http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about
>>>>>>
>>>>>>
>>>>>>
>>>>>> I am curious if big networks have any pre-defined filters for big
>>>> content
>>>>>> providers like Google to avoid these? I am sure internet community
>>>> would be
>>>>>> working in direction to somehow prevent these issues. Curious to know
>>>>>> developments so far.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Anurag Bhatia
>>>>>> anuragbhatia.com
>>>>>>
>>>>>> Linkedin <http://in.linkedin.com/in/anuragbhatia21> |
>>>>>> Twitter<https://twitter.com/anurag_bhatia>|
>>>>>> Google+ <https://plus.google.com/118280168625121532854>
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>
>>
>>
More information about the NANOG
mailing list