IPv4 and IPv6 hijacking by AS 6

• Previous message (by thread): IPv4 and IPv6 hijacking by AS 6
• Next message (by thread): IPv4 and IPv6 hijacking by AS 6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 13, 2018 at 10:35 PM, Randy Bush <randy at psg.com> wrote:

> > I believe we've seen bogus low AS number announcements a few times
> > before, and they've usually been caused by attemts to configure
> > AS path prepending without understanding and/or reading the docs.
> >
> > Someone might have wrongly assumed that
> >
> >    set as-path prepend 133711 133711
> >
> > could be written shorter like
> >
> >    set as-path prepend 133711 2
> >
> > and there you go...
>
> for someone else's prefix?
>

Perhaps their policy is something like:
  "prepend all of transit-provider-1 prefixes by 2, their links are crappy
today"

followed by output policy:
  "permit all of my prefixes (matched by as-path-regex) and my customer
prefixes (matched by community)"

there's probably a bunch of ways this can go sideways, that's just one
simple (and seen before) example.

• Previous message (by thread): IPv4 and IPv6 hijacking by AS 6
• Next message (by thread): IPv4 and IPv6 hijacking by AS 6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]