Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)
Geoff Huston
gih at apnic.net
Tue May 24 20:00:36 UTC 2022
> On 25 May 2022, at 5:45 am, Jakob Heitz (jheitz) via NANOG <nanog at nanog.org> wrote:
>
> This attack will work very well until the victim starts advertising
> its prefix. The victim may not notice the fake advertisement because the fake
> advertisement will not reach the victim AS due to AS-path loop checking.
Often the best forms of attack are ones that are scoped in locality. Advertising the
same prefix from a different location in BGP may create a localised preference to follow the
synthesised route which is not visible everywhere. Sometimes this is exactly what the
attacker wants to achieve.
Geoff
More information about the NANOG
mailing list