[107302] in North American Network Operators' Group


Re: BGP Attack - Best Defense ?

daemon@ATHENA.MIT.EDU (Scott Weeks)
Fri Aug 29 19:29:14 2008

Date: Fri, 29 Aug 2008 16:29:09 -0700
From: "Scott Weeks" <surfer@mauigateway.com>
To: <nanog@merit.edu>
Reply-To: surfer@mauigateway.com
Errors-To: nanog-bounces@nanog.org



----- Original Message -----

Let's say the attacker is announcing one or more /24s of mine and announcing a more specific is not possible.  I figure it out somehow and begin announcing the same.  The attacker doesn't stop his attack.  What happens?  The part of the internet closest in topology to me sends their traffic to me and the part of the internet closest to the attacker sends traffic to him?
-----------------------------------

--- Guy_Shields@Stream.Com wrote:-------
Correct, as you would then be contending with the path length portion of the 10 deterministic criteria in the BGP protocol.
---------------------------------------

And the only one that'd really come into play would be shortest number of AS hops, so topological closeness would be the deciding factor on whether the traffic transits the attacker's network or properly comes directly to me.

scott
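
The split described in this message, as an added example that is not part of the original post: a small model of which ASes follow the legitimate announcement and which follow the hijacker's when both originate the same prefix length. The topology and AS numbers are constructed (documentation range), and the model assumes no local preference or other policy, so only AS-path length decides; equal lengths are reported as a tie left to later tie-breakers.

```python
from collections import deque

# Constructed topology: AS numbers from the documentation range (RFC 5398).
# Each pair is a BGP session; policy is ignored, so only AS-path length decides.
LINKS = [
    (64496, 64500), (64500, 64501), (64501, 64502),
    (64502, 64503), (64503, 64511), (64500, 64504),
    (64504, 64502), (64501, 64505), (64505, 64502),
]
VICTIM, ATTACKER = 64496, 64511  # both originate the same /24


def hop_counts(links, origin):
    """AS-hop distance from every reachable AS to `origin` (breadth-first search)."""
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    dist = {origin: 0}
    queue = deque([origin])
    while queue:
        asn = queue.popleft()
        for peer in neighbors.get(asn, ()):
            if peer not in dist:
                dist[peer] = dist[asn] + 1
                queue.append(peer)
    return dist


def classify(links, victim, attacker):
    """Map each other AS to the origin whose announcement has the shorter AS path."""
    to_victim = hop_counts(links, victim)
    to_attacker = hop_counts(links, attacker)
    result = {}
    for asn in sorted(set(to_victim) | set(to_attacker)):
        if asn in (victim, attacker):
            continue
        v = to_victim.get(asn, float("inf"))
        a = to_attacker.get(asn, float("inf"))
        result[asn] = "victim" if v < a else "attacker" if a < v else "tie"
    return result


if __name__ == "__main__":
    for asn, winner in classify(LINKS, VICTIM, ATTACKER).items():
        print(f"AS{asn}: {winner}")
```
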

