North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Kenyan Route Hijack
On Sat, Mar 15, 2008 at 9:09 PM, Glen Kent <[email protected]> wrote: > Unlike the Youtube outage where PTA had issued a directive asking all > ISPs to block Youtube - What is the reason most often cited for such > mishaps? The reason i ask this is because the ISPs that > "inadvertently" hijack someone elses IP space, need to explicitly > configure *something* to do this. So, what really are they trying to do there? I've seen two popular reasons for doing it accidentally - Fat fingers when configuring IP addresses by hand - Using old routing protocols such as IGRP or RIP and autosummarizing routes, usually done by a customer of an ISP that doesn't bother filtering carefully. This doesn't give you a /24 address by accident, but it lets you take two /24 subnets of a Class B or Class A and turn them into an advertisement for the whole network. A popular reason from longer ago was enterprises that used arbitrary addresses for their internal networks, which was safe because they'd never be connected to the real internet. RFC1918 has made that problem mostly go away, but as recently as 1995 I had a customer who was a bank that was using University of Toronto IP addresses internally. We were working on their databases, not their networks, so while we strongly recommended they renumber some time soon, it wasn't happening during our project. -- ---- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.