North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: YouTube IP Hijacking

  • From: Paul Wall
  • Date: Mon Feb 25 04:02:33 2008
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; bh=lbmOqVRe8Vbc696izCGcXRar8FkcpwuqO3R1BXEL5aQ=; b=sqyWXZ8V0SU7q5cYJ4bF1NwqQ3PgJ/BTSN0Eg3IIfpDNOAVfNIqU3KLMRtFhfbbX8zVRGICWUfvhrlnybWwGa5BBk7KZb95jzrCBuO4aaE3AOILMQB9qNo3Jt9Yg82tCLvcGqHgERZcs3JPUdQBWlm7OVR8NGbja+fq1AkbA9aI=
  • Domainkey-signature: a=rsa-sha1; c=nofws;; s=gamma; h=message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=u37CDTp1ylziR2rhS6TEfhBKpo30qsEwgH3JkFT3iJjP/Kmcvy0inHkTLiha26xvJOArKoQ63hBo6V8dpDHmOtKx1RLsd+TFDQPSawSl7LI16HZb6Y3AbJAmtyL+UBDMdNGbt67/Q2KJf1dws5oMvSMx1i6zFKanEqaLN6ymjak=

On Sun, 24 Feb 2008, Sargun Dhillon wrote:
> I don't know how large Pakistani Telecom is, but it I bet its not large
> enough that PCCW should be allowing it to advertise anything.

I think you're failing to take into account how multihoming generally
works.  The real fallacy here is that PCCW/BTN refuses to prefix-list
filter their customers, as evidenced by this and past leaks.  If
something productive can come from today's outage, it would be PCCW
beginning to do their part as responsible Internet citizens, given
(excuse the pun) "peer" pressure.

I'd also focus on the lessons learned from the un-official "IP
Hijacking BOF" held in San Jose, during which engineers and
researchers studied the extent to which obviously-bogus route
advertisements propagated across the public Internet.  At these
events,  prefixes such as 1/8 and 100/7 were advertised, and, by
Renesys/bgplay/route-views/etc data, accepted by >99% (?) of the
internet.  IP blocks that were hijacked before (like 146.20/16) were
announced with similar outcome.

Results were planned to be presented at the next NANOG, but they
shouldn't be a surprise to anyone in the industry: nobody filters.

Paul Wall