[107766] in North American Network Operators' Group
Re: community real-time BGP hijack notification service
daemon@ATHENA.MIT.EDU (Avi Freedman)
Fri Sep 12 16:03:39 2008
To: oberman@es.net (Kevin Oberman)
Date: Fri, 12 Sep 2008 16:03:03 -0400 (EDT)
From: Avi Freedman <freedman@freedman.net>
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
Hmm, I'm trying to figure out the application here.
You have single prefixes originated or originate-able by more than
5 or 6 ASs?
I see - is it that you have, say a /16 with 13 potential ASs that might
be seen as originating more specifics inside that /16?
Hadn't considered that; we were envisioning that those specifics would
be set up as separate alerts.
It's easy enough to extend the # of ASNs that can be listed, however.
That'll be done this weekend.
Thanks,
Avi
> Looks interesting, but it only takes a fairly short list of ASNs for a
> prefix. For our big CIDR blocks, we have WAY too many ASNs to enter them
> all, so it's pretty useless for me. I need to be able to enter at very
> least a dozen ASes and I suspect may folks have a LOT more then that.
>
> For now, I'll enter some shorter pieces from the block, but I'm most
> concerned with the pieces that are not currently assigned, so are
> available for hijack. I have added the larger, unassigned blocks. I'll
> start adding assigned bits and pieces as well as unassigned pieces, but
> being able to put all valid origin ASes in the list for the full blocks
> would be a lot nicer.
> R. Kevin Oberman, Network Engineer
