North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: YouTube IP Hijacking

  • From: Simon Leinen
  • Date: Tue Feb 26 06:08:07 2008

Iljitsch van Beijnum writes:
> Well, if they had problems like this in the past, then I wouldn't
> trust them to get it right. Which means that it's probably a good
> idea if EVERYONE starts filtering what they allow in their tables
> from PCCW. Obviously that makes it very hard for PCCW to start
> announcing new prefixes, but I can't muster up much sympathy for
> that.

> So basically, rather than generate routing registry filters for the
> entire world, generate routing registry filters for known careless
> ASes. This number should be small enough that this is somewhat
> doable. [...]

Maybe, but how much would that help?

So you suggest that we only need to filter against AS7007, AS9121, and
AS17557.  Personally, those are among the ones I least worry about -
maybe I'm naive, but I'd hope they or their upstreams have learned
their lessons.

The problem is that nobody knows which of the other 25000+ ASes will
be the next AS7007.  So I guess we have to modify your suggestion
somewhat and, in addition to filtering the "known-careless" also
filter the "unknown-maybe-careful" class.  Oops, that leaves only the
"known-careful" class, which includes... my own AS, and then whom?