Telstra Hijack

• Previous message (by thread): Telstra Hijack
• Next message (by thread): Telstra Hijack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm still seeing bad prefixes from Cogent, but our other upstreams (NTT,
GTT, Telia) blocked them.

On Tue, Sep 29, 2020 at 5:09 PM Sadiq Saif <lists at sadiqsaif.com> wrote:

> On Tue, 29 Sep 2020, at 16:36, Ross Tajvar wrote:
> > I'm surprised no one else has mentioned this yet, but Telstra is
> > hijacking a lot of prefixes:
> >
> >
> https://rpki.cloudflare.com/?view=bgp&prefix=&asn=1221&validState=Invalid
> >
> > Since we don't have RPKI filtering in our network (yet), we are
> > currently filtering everything with the path ".* 4637 1221$".
> >
> > This is of course taking a while...
>
> My employer's prefixes were affected, I posted about it on the AusNOG list
> so I could get some assistance. It has cleared up now but it took about two
> hours or so.
>
> I saw AS paths like this from HE's looking glass:
> 6461x4, 4637x11, 1221
>
> I would love to know what the root cause of the leak was.
>
> --
>   Sadiq Saif
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200929/0d7822d2/attachment.html>

• Previous message (by thread): Telstra Hijack
• Next message (by thread): Telstra Hijack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]