[149345] in North American Network Operators' Group
Re: AS8300 - Swisscom hijacking.. Just what are you testing?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Wed Feb 1 17:23:07 2012
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <4F29B8D4.6040603@unfix.org>
Date: Wed, 1 Feb 2012 17:22:11 -0500
To: Jeroen Massar <jeroen@unfix.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 1, 2012, at 5:12 PM, Jeroen Massar wrote:
> On 2012-02-01 22:44 , Schiller, Heather A wrote:
>>=20
>> AS8300 started announcing one of the Rove Digital dns changer IP =
ranges.
> [..]
>> I searched around and couldn't find any mention of what they might be =
testing. Anyone know? =20
>=20
> They do internal aggregation of common prefixes to keep their internal
> tables small, see for instance this rather old preso:
>=20
> http://www.swinog.ch/meetings/swinog7/BGP_filtering-swinog.ppt
>=20
> These prefixes should of course not be leaked outside their own =
network.
>=20
> I would say, kick them either directly (yell offlist if you want =
direct
> contacts) or spam the SwiNOG list and you will get a response quickly =
too.
One could just filter their as-path from 701/702/703 in the interim to =
get them to address it.
- jared=
