BGP route hijack by AS10990

• Previous message (by thread): BGP route hijack by AS10990
• Next message (by thread): BGP route hijack by AS10990
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 31/Jul/20 16:29, Mike Hammett wrote:
> They solve a need that isn't reasonably solved any other way that
> doesn't have similar drawbacks.
>
> Some optimizers need to be redesigned to be safer by default.
>
> Some networks need to be safer by default as well.

Almost every product ever made does solve a need. You will find at least
one customer who is happy with what they paid their money for.

But BGP-4 is vulnerable enough as it is, and the Internet has moved on
in leaps and bounds since 1994 (RFC 1654).

Until we see BGP-5, we need to look after our community. And if that
means holding the BGP optimizers to a higher standard, so be it.

As they say, "You can't blame a monkey for botching a brain surgery".

Plenty of industries strongly "guide" (I'll avoid "regulate") their
actors to ensure standards and results (medicine, aviation, energy,
construction, e.t.c.). If the acceptance bar to a BGP actor is an
optional CCNA or JNCIA certification, we shall learn the hard way, as we
did with this and similar incidents.

Mark.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200731/49bd3357/attachment.html>

• Previous message (by thread): BGP route hijack by AS10990
• Next message (by thread): BGP route hijack by AS10990
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]