Telstra Hijack

• Previous message (by thread): Telstra Hijack
• Next message (by thread): Telstra Hijack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bad prefixes are all gone. This looks resolved from my point of view.

On Tue, Sep 29, 2020 at 5:18 PM Ross Tajvar <ross at tajvar.io> wrote:

> I'm still seeing bad prefixes from Cogent, but our other upstreams (NTT,
> GTT, Telia) blocked them.
>
> On Tue, Sep 29, 2020 at 5:09 PM Sadiq Saif <lists at sadiqsaif.com> wrote:
>
>> On Tue, 29 Sep 2020, at 16:36, Ross Tajvar wrote:
>> > I'm surprised no one else has mentioned this yet, but Telstra is
>> > hijacking a lot of prefixes:
>> >
>> >
>> https://rpki.cloudflare.com/?view=bgp&prefix=&asn=1221&validState=Invalid
>> >
>> > Since we don't have RPKI filtering in our network (yet), we are
>> > currently filtering everything with the path ".* 4637 1221$".
>> >
>> > This is of course taking a while...
>>
>> My employer's prefixes were affected, I posted about it on the AusNOG
>> list so I could get some assistance. It has cleared up now but it took
>> about two hours or so.
>>
>> I saw AS paths like this from HE's looking glass:
>> 6461x4, 4637x11, 1221
>>
>> I would love to know what the root cause of the leak was.
>>
>> --
>>   Sadiq Saif
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200929/b89a9371/attachment.html>

• Previous message (by thread): Telstra Hijack
• Next message (by thread): Telstra Hijack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]