BGPMON Alert Questions
Andree Toonk
andree+nanog at toonk.nl
Wed Apr 2 23:16:23 UTC 2014
Quick update from BGPmon:
We've detected 415,652 prefixes being hijacked by Indosat today. 8,233
of those were seen by more than 10 of our BGP collectors.
When receiving a BGPmon alerts, one of the metrics to look at that will
help with determining the scope and impact is the 'Detected by #peers'
value.
Many of the alerts where only seen by one or two peers in Thailand. This
indicates that communications for those prefixes would likely have been
affected for some in Thailand.
8,233 of the hijacked prefixes were seen by more than 10 of our peers.
For those the impact would have been more severe.
Since we're on Nanog, here's al list of US based networks affected by
Indosat hijack that were seen by more than 10 unique ASns:
http://portal.bgpmon.net/data/indosat-us.txt it includes apple, telia,
ntt, level3, comcast, cableone, akamai, Joyent
Same for Canadian prefixes (keep in mind there were more hijacked
prefixes, this is just the list for which the hijack was seen by more
than 10 of our peers)
http://portal.bgpmon.net/data/indosat-ca.txt
Cheers,
Andree
.-- My secret spy satellite informs me that at 2014-04-02 2:20 PM
Laszlo Hanyecz wrote:
> They're just leaking every route right?
> Is it possible to poison the AS paths you announce with their own AS to get them to let go of your prefixes until it's fixed?
> Would that work, or some other trick that can be done without their cooperation?
>
> Thanks,
> Laszlo
>
>
More information about the NANOG
mailing list