North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: RIPE NCC publishes case study of youtube.com hijack
On Feb 29, 2008, at 7:46 AM, David Ulevitch wrote:
A simple artifact of shortest AS path route selection. In addition, many
providers employ policies that apply preference for prefixes learned from
customers over those learned from peers, assuming they're of the same
Had those same providers explicitly not accepted the /24 announcement from AS 17557 via their peers you wouldn't have been affected at all.
The point is -- Restrictive customer filtering can also bite you in the butt. Trying to require your providers to do a "ge 19 le 25" (or whatever your largest supernet is), rather than filters for specific prefix sizes seems a worthwhile endeavor so you can de- aggregate on the fly, as necessary.
Deaggregation in order to mitigate less specific route hijacking is a hack
that in most cases only half fixes the problem, if that. If providers didn't
have those policies in place it'd be /32s that were being hijacked and
route table growth and churn would be far worse than it already is.
You prevent this by ubiquitous deployment of explicit customer and inter-
provider prefix filters, you don't open things up more so that when problems
occur, folks can try to hack around them.