AS3356 Announcing 2000::/12
mpetach at netflight.com
Sat Dec 10 00:24:06 UTC 2022
On Thu, Dec 8, 2022 at 9:35 AM Randy Bush <randy at psg.com> wrote:
> while i think the announcement is, shall we say, embarrassing, i do not
> see how it would be damaging. real/correct announcements would be for
> longer prefixes, yes?
Putting on a probably-overly-paranoid hat for a moment...

If I announce 2000::/12, seemingly as an innocent error,
it won't break most people's routing, and is likely to be simply
chalked up as a copy-paste error, or other human "oops".

But if I happen to be running a promiscuous packet capture
on a box that the "erroneous" routing table entry ultimately
resolves to, I warrant there's a certain amount of legitimate
packet streams I could collect here and there, any time a
router processes a WITHDRAW update message for a more
specific prefix within the range, before a new ANNOUNCE
update message is processed.

I'm not going to get a great deal of information, as most
simple prefix updates happen within the same update
message; but during periods of higher internal churn in a
network, you may have brief periods during which the more
specific route is withdrawn before being re-announced, during
which I'd be able to harvest packets destined for other networks.

As I said--I'm probably being overly paranoid, but I can't help but
wonder what packets such a collector might see, if left to run for a
week or two... ^_^;
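
Added example, not part of the original post: a defender-side check that replays a BGP update feed and reports how long a monitored prefix would have fallen back to a covering less-specific from another origin. The update feed is constructed sample data (documentation prefix 2001:db8::/32, documentation ASN 64500), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample feed, not real routing data:
# (seconds, "A"nnounce / "W"ithdraw, prefix, origin AS)
UPDATES = [
    (0.0,   "A", "2000::/12",     3356),
    (0.0,   "A", "2001:db8::/32", 64500),
    (40.0,  "W", "2001:db8::/32", 64500),  # withdraw arrives alone...
    (41.5,  "A", "2001:db8::/32", 64500),  # ...re-announce in a later UPDATE
    (90.0,  "W", "2001:db8::/32", 64500),  # withdraw + announce together:
    (90.0,  "A", "2001:db8::/32", 64500),  # no gap is visible to forwarding
    (120.0, "W", "2000::/12",     3356),
]

def best_route(rib, dest):
    """Longest-prefix match of dest against the table; None if uncovered."""
    covering = [p for p in rib if dest.subnet_of(p)]
    if not covering:
        return None
    best = max(covering, key=lambda p: p.prefixlen)
    return best, rib[best]

def fallback_windows(updates, monitored, expected_origin):
    """Return [(start, end, covering_prefix, origin)] for every interval in
    which `monitored` resolves via a route not originated by expected_origin."""
    dest = ipaddress.ip_network(monitored)
    rib, windows, open_win = {}, [], None
    for t in sorted({u[0] for u in updates}):
        # Apply everything with the same timestamp before looking at the
        # table, mirroring a withdraw and announce carried in one UPDATE.
        for ts, action, prefix, origin in updates:
            if ts != t:
                continue
            net = ipaddress.ip_network(prefix)
            if action == "A":
                rib[net] = origin
            else:
                rib.pop(net, None)
        hit = best_route(rib, dest)
        leaking = hit is not None and hit[1] != expected_origin
        if leaking and open_win is None:
            open_win = (t, str(hit[0]), hit[1])
        elif not leaking and open_win is not None:
            windows.append((open_win[0], t, open_win[1], open_win[2]))
            open_win = None
    if open_win is not None:  # still falling back when the feed ends
        windows.append((open_win[0], None, open_win[1], open_win[2]))
    return windows

if __name__ == "__main__":
    print(fallback_windows(UPDATES, "2001:db8::/32", 64500))
```

Run against an archived update feed for your own prefixes, the length and count of these windows show how much traffic a covering announcement could have attracted during churn.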