[117755] in North American Network Operators' Group
Re: Cogent leaking /32s?
daemon@ATHENA.MIT.EDU (Alex H. Ryu)
Fri Oct 2 12:01:50 2009
Date: Fri, 02 Oct 2009 11:01:07 -0500
From: "Alex H. Ryu" <r.hyunseog@ieee.org>
To: Zak Thompson <zak@yellowfiber.net>
In-Reply-To: <872A476DA517EE428312FB7D5FF284BA4FF7AD@rstexchange02.yellowfiber.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
If there is DDoS attack going on from/to specific /32, sometimes they do
that to avoid too much overload for the network.
Cogent should give the answer for what's going on.
Alex
Zak Thompson wrote:
> We had a problem with cogent about a year ago. Somehow.. cymru was
> announcing a /32 of ours and black holing it for whatever reason. It
> was removed but wasn't happy that cogent was allowing cymru to do this
> sort of action. To this date we do not have a valid reason from cogent
> on why they allowed this to happen.
>
> Cheers,
> Zak Thompson
>
>
>
> -----Original Message-----
> From: ML [mailto:ml@kenweb.org]
> Sent: Friday, October 02, 2009 7:23 AM
> To: nanog@nanog.org
> Subject: Cogent leaking /32s?
>
> I received an alert from Cyclops telling me a probe in AS513 had seen a
> /32 that I announce to Cogent for one of our BGP sessions.
>
> Did anyone else see this?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
