[132809] in North American Network Operators' Group
Re: FUD: 15% of world's internet traffic hijacked
daemon@ATHENA.MIT.EDU (Brett Watson)
Wed Dec 1 18:42:37 2010
From: Brett Watson <brett@the-watsons.org>
In-Reply-To: <AANLkTincHTd7e7S7GKG-Kt2yiQMcYuiMfu6U8PqELV=p@mail.gmail.com>
Date: Wed, 1 Dec 2010 16:42:27 -0700
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 1, 2010, at 4:17 PM, Christopher Morrow wrote:
> sometimes I love to pull your chain... :) I agree though that folks
> won't publish this data (in general) directly, for whatever reason.
> Also, right '15% of traffic' really should have been '15% of routes*'
Agreed, I should have been more clear. I wasn't implying that much =
traffic either, but rather "15% of global prefixes."
I was more focused on, "Seems clear enough that traffic *transited* =
China ASNs, as opposed to being blackholed as we seen in many hijacks.
Further, in hopes of generating discussion... I've seen a lot of =
comments along the lines of "this was likely an accident, =
misconfiguration, or fat-finger..."
I'm having a really hard time figuring how, if traffic not only diverted =
to China but *transited* China, this could be any kind of mistake. I'm =
not able to get my fingers or thumbs to randomly (seemingly) select =
approximately 15% of all prefixes, originate those, modify filters so I =
can do so, and also somehow divert it to another router that doesn't =
have the hijacked prefixes I'm announcing but rather forwards the source =
traffic on to it's intended destination.
I can't seem to work all of that out into any kind of "accident."
Anyone?
-b=
