BGP route hijack by AS10990

Nick Hilliard nick at foobar.org
Sat Aug 1 14:44:15 UTC 2020


Mark Tinka wrote on 01/08/2020 12:20:
> The difference between us and aviation is that fundamental flaws or
> mistakes that impact safety are required to be fixed and checked if you
> want to keep operating in the industry. We don't have that, so...

... so once again, route optimisers were at the heart of another serious 
route leaking incident.

BGP is designed to prevent loops from happening, and has tools like 
no-export to help prevent inadvertent leaks.

When people build "BGP optimisers" which reinject a prefix into a 
routing mesh with the entire as-path stripped and then they refuse to 
apply the basic minimum of common sense by refusing point blank to tag 
prefixes with no-export, it's a matter of certainty that leaks are going 
to happen, and that when they do, they'll cause damage.

It's about as responsible as shipping a shotgun with the safety disabled 
and then handing it to a newbie.  After all, the safety makes it more 
difficult to operate and if the newbie shoots themselves, it was their 
fault.  And if they shot someone else, they shouldn't have got in the 
way, right?

Nick
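
The mechanism described in the message above, as an added example that is not part of the original post: a small Python model of eBGP export showing how path-stripped more-specifics leave the AS with that AS as apparent origin, and how the RFC 1997 NO_EXPORT community stops them. It assumes a permissive egress policy with no outbound prefix filter; the prefixes, AS numbers and function names are constructed for illustration.

```python
from dataclasses import dataclass

NO_EXPORT = (65535, 65281)  # RFC 1997 well-known community 0xFFFFFF01

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple = ()               # empty: injected locally with the path stripped
    communities: frozenset = frozenset()

def ebgp_export(rib, local_as):
    """Routes a speaker in local_as would advertise to an eBGP peer."""
    out = []
    for r in rib:
        if NO_EXPORT in r.communities:
            continue                   # must not be advertised outside the local AS
        # Prepending the local AS to an empty path makes local_as the origin.
        out.append(Route(r.prefix, (local_as,) + r.as_path, r.communities))
    return out

def false_origins(advertised, local_as, own_prefixes):
    """Advertised prefixes that show local_as as origin but are not its own."""
    return sorted(r.prefix for r in advertised
                  if r.as_path == (local_as,) and r.prefix not in own_prefixes)

# Constructed sample data: documentation prefixes (RFC 5737) and ASNs (RFC 5398).
LOCAL_AS = 64500
OWN = {"203.0.113.0/24"}
LEARNED = [Route("203.0.113.0/24"),
           Route("198.51.100.0/24", (64496, 64499))]
SPLITS = ["198.51.100.0/25", "198.51.100.128/25"]  # optimiser-style more-specifics

def scenario(tag_no_export):
    """Leaked false-origin prefixes with or without NO_EXPORT on the injected routes."""
    comms = frozenset({NO_EXPORT}) if tag_no_export else frozenset()
    rib = LEARNED + [Route(p, (), comms) for p in SPLITS]
    return false_origins(ebgp_export(rib, LOCAL_AS), LOCAL_AS, OWN)

if __name__ == "__main__":
    print("untagged: ", scenario(False))
    print("no-export:", scenario(True))
```

The same `false_origins` comparison can be run against a router's actual advertised-routes output as a pre-deployment or monitoring check.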



