North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Deaggregating for emergency purposes
Whats a tier 1?? ps: follow the AS path, call AS's in the path from the bad announcment. Get the peers to stop receiving it. it might be wack-a-mole, but thats part of the job.. On Tue, Aug 06, 2002 at 02:59:15PM -0400, Phil Rosenthal wrote: > > Yes, it is lovely when things work out like that. > My one experience with this problem was with Telia announcing my more > specifics, and their US NOC referred me to their Europe NOC, and there > no one spoke English. They are a tier1, so they don't have any upstream > to call. It took 20 phone calls and more than an hour to get to someone > who cared enough to do anything about it. > > --Phil > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Derek Samford > Sent: Tuesday, August 06, 2002 2:51 PM > To: [email protected]; 'E.B. Dreger'; [email protected] > Subject: RE: Deaggregating for emergency purposes > > > > Phil, > You would think, after hearing about 30 people with clue+++ > talk, you may realize that this is a patently *bad* thing and should not > be done. If your route's are being hijacked you can generally solve your > problems in 2-5 phone calls...That's all it's *ever* taken me. 1. Call > their NOC. 2. If not helpful call their upstream. 3. Call a couple of > Tier 1's who are transit for their upstream, and have them filter it. > Done deal, in the time that you've managed to call your ISP and (maybe) > gotten about half the internet to reach you, you've solved the problem > for the whole net and have ZERO reachability concerns. This is my first > and last post to this ridiculous thread. > > Derek > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Phil Rosenthal > Sent: Tuesday, August 06, 2002 2:44 PM > To: 'E.B. Dreger'; [email protected] > Subject: RE: Deaggregating for emergency purposes > > > --- > So explain how this is superior to DNS entr(y|ies) stating who your > peers and upstreams are. And there's nothing to say that one could not > specify allowed filters in DNS, too. > > If someone wants me to advertise 192.168.7/24, and DNS indicates the > proper netblock is 192.168.0/19 and their ASN is not origin or adjacent > hop, I'll be suspicious. What I do from there becomes a policy > question; I probably would contact the IP block owner to verify the > request. > --- > > My way isn't superior at all to a secure BGP solution, but until that > exists, I need a choice. > > I am definitely on the bandwagon for the need for a secure BGP. > > --Phil > > >
|