North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Deaggregating for emergency purposes
I usually don't play the "what if" game, as there will always be exception, but. ... If the upstream provider is obscure, remote, or incompetent odds are their A S path is equally obscure, remote, or incompetent. A subsection of the globe may by holed until reasonable parties can be contacted. Advertising deaggragated ro utes my be a viable temporary solution for misconfigurations--and other than a f ew angelic engineers, no one would fault you--but malevolent configurations woul d most certainly be /24. I believe a discussion once occurred here advocating BG P authentication using some distributed source for AS verification, and while I believe such a process is feasible, I advocate an open community in a heirarchic al model to enforce good policy. HMM, I swear I had a point when I started... -- sig=$header Phil Rosenthal([email protected])@2002.08.05 21:00:55 +0000: > > But the question is, what do you do if it's coming from somewhere with a > difficult to contact NOC, and their upstream is difficult to contact as > well? > > --Phil > > -----Original Message----- > From: John M. Brown [mailto:[email protected]] > Sent: Monday, August 05, 2002 8:12 PM > To: Phil Rosenthal > Cc: [email protected] > Subject: Re: Deaggregating for emergency purposes > > > Hmm, this would be a "Bad Idea" (TM) (C) 2002, DMCA Protected > > Having had this happen to me several different times, I'd have to > recommend, calling the NOC of the advertising party. as the pref'd way > of handling it. > > On Mon, Aug 05, 2002 at 06:41:22PM -0400, Phil Rosenthal wrote: > > > > I am currently announcing only my aggregate routes, but I have lately > > thought about the possibility of someone mistakenly, or maliciously, > > announcing more specifics from my space. The best solution for an > > emergency response to that (that I can think of), is registering all > > of the /24's that make up my network, so if someone should announce a > > more-specific, I can always announce the most specific that would be > > accepted (assuming they don't announce the /24's too, it should be a > > problem avoided) > > > > Does anyone else have any other ideas on ways to quickly deal with > > someone else announcing your more specifics, since contacting their > > NOC is likely going to take a long time... > > > > --Phil > > >
|