[125163] in North American Network Operators' Group
Re: China prefix hijack
daemon@ATHENA.MIT.EDU (Paul Vixie)
Fri Apr 9 13:17:34 2010
To: nanog@merit.edu
From: Paul Vixie <vixie@isc.org>
Date: Fri, 09 Apr 2010 17:17:23 +0000
In-Reply-To: <alpine.LNX.2.00.1004081945330.7589@aubergine.renesys.com>
(Martin A. Brown's message of "Thu\, 8 Apr 2010 19\:45\:56 +0200")
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
"Martin A. Brown" <mabrown@renesys.com> writes:
> Just a note of confirmation that 23724 originated as many as 31847
> prefixes during an 18 minute window starting around 15:54 UTC.
> They were prepending their own AS, and this is several orders of
> magnitude more prefixes than they normally originate.
a couple of times when CIX still existed, i fscked up badly and sent
a full deaggregated table to some peers. (the perils of running BGP3
and BGP4 on the same router, plus on-the-job-training for yours truly.)
it's also happened a half dozen times by fat fingers other than mine.
then there are the people who advertise 0/0, and all the people who accept
0/0. historians may say of the nanog@ m/l archives, "much hilarity ensued."
are we all freaking out especially much because this is coming from china
today, and we suppose there must be some kind of geopolitical intent
because china-vs-google's been in the news a lot today?
i'm more inclined to blame the heavy solar wind this month and to assume
that chinanet's routers don't use ECC on the RAM containing their RIBs and
that chinanet's router jockeys are in quite a sweat about this bad publicity.
--
Paul Vixie
KI6YSY
