[157764] in North American Network Operators' Group
Re: Indonesian ISP Moratel announces Google's prefixes
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Wed Nov 7 00:15:51 2012
From: "Patrick W. Gilmore" <patrick@ianai.net>
In-Reply-To: <CAAxc0wXpRKtCrrMra4cxecVhy1vF_wJe1hF7OBK5k7VsueZhrA@mail.gmail.com>
Date: Wed, 7 Nov 2012 00:13:52 -0500
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Nov 07, 2012, at 00:07 , Jian Gu <guxiaojian@gmail.com> wrote:
> Where did you get the idea that a Moratel customer announced a =
google-owned
> prefix to Moratel and Moratel did not have the proper filters in =
place?
> according to the blog, all google's 4 authoritative DNS server =
networks and
> 8.8.8.0/24 were wrongly routed to Moratel, what's the possiblity for a
> Moratel customers announce all those prefixes?
Ah, right, they just leaked Google's prefix. I thought a customer =
originated the prefix.
Original question still stands. Which attribute do you expect Google to =
set to stop this?
Hint: Don't say No-Advertise, unless you want peers to only talk to the =
adjacent AS, not their customers or their customers' customers, etc.
Looking forward to your answer.
--=20
TTFN,
patrick
> On Tue, Nov 6, 2012 at 9:02 PM, Patrick W. Gilmore =
<patrick@ianai.net>wrote:
>=20
>> On Nov 06, 2012, at 23:48 , Jian Gu <guxiaojian@gmail.com> wrote:
>>=20
>>> What do you mean hijack? Google is peering with Moratel, if Google =
does
>> not
>>> want Moratel to advertise its routes to Moratel's peers/upstreams, =
then
>>> Google should've set the correct BGP attributes in the first place.
>>=20
>> That doesn't make the slightest bit of sense.
>>=20
>> If a Moratel customer announced a Google-owned prefix to Moratel, and
>> Moratel did not have the proper filters in place, there is nothing =
Google
>> could do to stop the hijack from happening.
>>=20
>> Exactly what attribute do you think would stop this?
>>=20
>> --
>> TTFN,
>> patrick
>>=20
>>=20
>>> On Tue, Nov 6, 2012 at 3:35 AM, Anurag Bhatia <me@anuragbhatia.com>
>> wrote:
>>>=20
>>>> Another case of route hijack -
>>>>=20
>> =
http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about
>>>>=20
>>>>=20
>>>>=20
>>>> I am curious if big networks have any pre-defined filters for big
>> content
>>>> providers like Google to avoid these? I am sure internet community
>> would be
>>>> working in direction to somehow prevent these issues. Curious to =
know
>>>> developments so far.
>>>>=20
>>>>=20
>>>>=20
>>>>=20
>>>> Thanks.
>>>>=20
>>>>=20
>>>> --
>>>>=20
>>>> Anurag Bhatia
>>>> anuragbhatia.com
>>>>=20
>>>> Linkedin <http://in.linkedin.com/in/anuragbhatia21> |
>>>> Twitter<https://twitter.com/anurag_bhatia>|
>>>> Google+ <https://plus.google.com/118280168625121532854>
>>>>=20
>>>=20
>>=20
>>=20
>>=20
