BGP route hijack by AS10990

Mark Tinka mark.tinka at seacom.com
Fri Jul 31 13:34:47 UTC 2020



On 31/Jul/20 03:57, Aftab Siddiqui wrote:
> Not a single prefix was signed, what I saw. May be good reason for
> Rogers, Charter, TWC etc to do that now. It would have stopped the
> propagation at Telia.

While I am a huge proponent for ROA's and ROV, it is a massive
expectation to req filtering to work on the basis of all BGP
participants creating their ROA's. It's what I would like, but there is
always going to be a lag on this one.

If none of the prefixes had a ROA, no amount of Telia's shiny new "we
drop invalids" machine would have helped, as we saw with this incident.
ROV really only comes into its own when the majority of the Internet has
correct ROA's setup. In the absence of that, it's a powerful but
toothless feature.

So while I will continue pushing for the rest of the world to create
ROA's, turn on RPKI and enable ROV, I'll also advocate that operators
continue to have both AS- and prefix-based filters. Not either/or, but
both. Also, max-prefix as a matter of course.

Mark.



More information about the NANOG mailing list