BGP related question

Andree Toonk andree+nanog at
Thu Aug 1 22:42:37 UTC 2013

Hi Parthiv,

.-- My secret spy satellite informs me that at 2013-08-01 7:00 AM  Shah,
Parthiv wrote:

> My apologies if I am asking a repeat question on the list. On 7/29/13 I read about an incident of accidental BGP broadcast; see article here or older 2008 incident

This was the same issue as was discussed last week on NANOG:
In summary there were 72 prefixes hijacked; they also leaked a few
hundred more specifics of their own prefixes.
You can find examples of similar events here:

> 1) I would like to understand how we can detect and potentially prevent activities like this. I understand native BGP was not designed to authenticate IP owners to the BGP broadcaster. Therefore, issues like this due to a human error would happen. How can activities like this be detected, as this is clearly a threat if someone decides to broadcast IP networks of an organization and knock the real org. off the Net?

There are a few BGP monitoring tools available, is one such

> 2) In reference to prevention, I recall there were discussions about secure BGP (S-BGP), Pretty Good BGP, or Secure Origin BGP but I don't remember if any one of them was finalized (from practicality viewpoint) and if any one of them is implementable/enforceable by ISPs (does anyone have any insight)?

The thing we can improve today is providers doing a better job of
filtering. But that's still not foolproof. Since many folks use
max-prefix filters only on for example Internet Exchange points, it's
easy to pick up a hijacked route from peers.
In the long term RPKI should solve this, but that's not foolproof
either.  The next step is full path validation, that's going to take a
while. For more info see for example: or
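
The origin check that RPKI adds, as an added example that is not part of the original post: a minimal Python sketch of RFC 6811 route origin validation, separating a wrong-origin announcement from a leaked more-specific. The VRP list, the announcements and the function names are constructed for illustration and use documentation prefixes and ASNs.

```python
import ipaddress

# Constructed VRPs (validated ROA payloads): (prefix, maxLength, origin ASN).
VRPS = [
    ("203.0.113.0/24", 24, 64496),
    ("2001:db8::/32", 48, 64497),
]

# Constructed announcements as a monitor might see them: (prefix, origin ASN).
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64496),    # legitimate origin
    ("203.0.113.0/24", 64511),    # same prefix, different origin
    ("203.0.113.128/25", 64496),  # right origin, longer than maxLength
    ("2001:db8:1::/48", 64497),   # more-specific allowed by maxLength 48
    ("198.51.100.0/24", 64511),   # no ROA covers this prefix
]

def validate(prefix, origin_asn, vrps=VRPS):
    """Return (state, reason) following the RFC 6811 procedure."""
    route = ipaddress.ip_network(prefix)
    covered = False
    asn_match_too_long = False
    for vrp_prefix, max_len, vrp_asn in vrps:
        vrp = ipaddress.ip_network(vrp_prefix)
        # A VRP covers the route if the route is equal to or inside its prefix.
        if vrp.version != route.version or not route.subnet_of(vrp):
            continue
        covered = True
        if vrp_asn == origin_asn and vrp_asn != 0:  # AS0 never matches
            if route.prefixlen <= max_len:
                return ("valid", "matching VRP")
            asn_match_too_long = True
    if not covered:
        return ("not-found", "no covering VRP")
    if asn_match_too_long:
        return ("invalid", "more specific than maxLength")
    return ("invalid", "origin AS mismatch")

def alerts(announcements, vrps=VRPS):
    """Return the announcements a monitor or filter should flag."""
    out = []
    for prefix, asn in announcements:
        state, reason = validate(prefix, asn, vrps)
        if state == "invalid":
            out.append((prefix, asn, reason))
    return out

if __name__ == "__main__":
    for prefix, asn in ANNOUNCEMENTS:
        print(prefix, asn, *validate(prefix, asn))
```

The check only looks at the origin AS, so an announcement with the expected origin is "valid" whatever the rest of the AS path says, and a prefix with no ROA comes back "not-found" rather than "invalid".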

