Prefix hijacking, how to prevent and fix currently

Randy Bush randy at psg.com
Fri Aug 29 09:48:47 UTC 2014


>>>>> Loose mode would drop failing routes, iff there is covering (i.e. less
>>>>> specific is ok) route already in RIB.
>>>> isn't that exactly the hole punching attack?
>>> No, as the the more specific route is signed and is preferred (longest
>>> match routing) against the less specific hijacked route
>> clearly i am missing something.  got a write-up?
> sorry my mistake, you're right

been around this a few times.  no magic pill found.  would love to learn
of one.  but one either wants to stop mis-originations or not.

but i would like to see an actual write-up of this 'loose mode' and
terse would be fine, heck preferred. :)

randy


More information about the NANOG mailing list