We hit half-million: The Cidr Report

• Previous message (by thread): We hit half-million: The Cidr Report
• Next message (by thread): We hit half-million: The Cidr Report
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 29/04/2014 04:39, Valdis.Kletnieks at vt.edu a écrit :
> Do we have a handle on what percent of the de-aggrs are legitimate
> attempts at TE, and what percent are just whoopsies that should be
> re-aggregated?

Deaggs can "legitimatelly" occur for a different purpose : hijack
prevention (Pilosov & Kapela style).

It's fairly easy to punch a hole in a larger prefix, but winning the
reachability race while unable to propagate a more specific prefix
significantly increase hijacking costs.

For a less densely connected network (no presence on public IXPs, poor
transits...), renumbering critical services (DNS, MX, extranets) to
one of their /24s and de-aggregating it could be a smart move.
- -- 
Jérôme Nicolle

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlNg94YACgkQbt+nwQamihvv6wCdFS6gqfUJwD0m/OelYdWjCZui
S9cAnAkxlWyM4/JJmTPKxPWKYRXbz/c0
=vuYo
-----END PGP SIGNATURE-----

• Previous message (by thread): We hit half-million: The Cidr Report
• Next message (by thread): We hit half-million: The Cidr Report
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]