IPv4 and IPv6 hijacking by AS 6

• Previous message (by thread): IPv4 and IPv6 hijacking by AS 6
• Next message (by thread): IPv4 and IPv6 hijacking by AS 6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 13 Apr 2018, Bjørn Mork wrote:

> Date: Fri, 13 Apr 2018 10:13:47 +0200
> From: Bjørn Mork <bjorn at mork.no>
> To: Anurag Bhatia <me at anuragbhatia.com>
> Cc: North American Network Operators' Group <nanog at nanog.org>
> Subject: Re: IPv4 and IPv6 hijacking by AS 6
> 
> Anurag Bhatia <me at anuragbhatia.com> writes:
>
>> Similar for AS2.
>
> I believe we've seen bogus low AS number announcements a few times
> before, and they've usually been caused by attemts to configure
> AS path prepending without understanding and/or reading the docs.
>
> Someone might have wrongly assumed that
>
>   set as-path prepend 133711 133711
>
> could be written shorter like
>
>   set as-path prepend 133711 2
>
> and there you go...

  Yes, ASN2 sees about 1-4 configuration related "rogue" announcements per 
month.  What is going on right now does not appear to be a small 
misconfiguration.

  The only route we (University of Delaware) are announcing w/ ASN2 is 
128.4.0.0/16.

Jason



Jason Cash
Deputy CIO
University of Delaware
cash at udel.edu
302-831-0461

• Previous message (by thread): IPv4 and IPv6 hijacking by AS 6
• Next message (by thread): IPv4 and IPv6 hijacking by AS 6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]