[109270] in North American Network Operators' Group
Re: Prefix Hijack Tool Comaprision
daemon@ATHENA.MIT.EDU (Alexander Harrowell)
Thu Nov 13 15:28:04 2008
From: "Alexander Harrowell" <a.harrowell@gmail.com>
To: Todd Underwood <todd@renesys.com>
Date: Thu, 13 Nov 2008 20:27:32 +0000
Cc: nanog@nanog.org
Reply-To: Alexander Harrowell <a.harrowell@gmail.com>
Errors-To: nanog-bounces@nanog.org
OK. This seems to be a flaw in RIPE RIS, a pity because BGPlay is =
great.
- original message -
Subject: Re: Prefix Hijack Tool Comaprision
From: Todd Underwood <todd@renesys.com>
Date: 13/11/2008 8:05 pm
alexander, all,
On Thu, Nov 13, 2008 at 07:56:26PM +0000, Alexander Harrowell wrote:
> It may be the North American NOG, but it's been said before that it
> functions as a GNOG, G for Global. I don't think Brazil is
> insignificant. I respect Todd's work greatly, but I think he's =
wrong
> on this point.=20
you misread me.
i did not say that brazil was insignificant. it's not. it has some =
of
the fastest growing internet in latin america. =20
i said that *this* hijacking took place in an insignificant corner of
the internet. i mean this AS-map wise rather than geographically.
this hijacking didn't even spread beyond one or two ASes, one of whom
just happened to be a RIPE RIS peer. =20
real hijackings leak into dozens or hundreds or thousands of ASNs.
they spread far and wide. that's why people carry them out, when =
they
do. this one was stopped in its tracks in a very small portion of =
one
corner of the AS graph. =20
as such, i don't count it as a hijacking or leak of any great
significance and wouldn't want to alert anyone about it. that's why =
i
recommend that prefix hijacking detection systems do thresholding of
peers to prevent a single, rogue, unrepresentative peer from =
reporting
a hijacking when none is really happening. others may have a
different approach, but without thresholding prefix alert systems can
be noisy and more trouble than they are worth.
sorry if it appears that i was denegrating .br . i was not.
t.
--=20
_____________________________________________________________________
todd underwood +1 603 643 9300 x101
renesys corporation =20
todd@renesys.com =
http://www.renesys.com/blog
