questions regarding prefix hijacking

Martin T m4rtntns at gmail.com
Wed Aug 7 08:20:52 UTC 2013


Hi,

as probably many of you know, it's possible to create a "route" object
to RIPE database for an address space which is allocated outside the
RIPE region using the RIPE-NCC-RPSL-MNT maintainer object. For example
an address space is from APNIC or ARIN region and AS is from RIPE
region. For example a LIR in RIPE region creates a "route" object to
RIPE database for 157.166.266.0/24(used by Turner Broadcasting System)
prefix without having written permission from Turner Broadcasting
System and as this LIR uses up-link providers who create prefix
filters automatically according to RADb database entries, this ISP is
soon able to announce this 157.166.266.0/24 prefix to Internet. This
should disturb the availability of the real 157.166.266.0/24 network
on Internet? Has there been such situations in history? Isn't there a
method against such hijacking? Or have I misunderstood something and
this isn't possible?


regards,
Martin



More information about the NANOG mailing list