[174202] in North American Network Operators' Group
Re: Prefix hijacking, how to prevent and fix currently
daemon@ATHENA.MIT.EDU (Randy Bush)
Fri Aug 29 05:41:40 2014
X-Original-To: nanog@nanog.org
Date: Fri, 29 Aug 2014 18:39:32 +0900
From: Randy Bush <randy@psg.com>
To: Karsten Thomann <karsten_thomann@linfre.de>
In-Reply-To: <5400491C.8040008@linfre.de>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>>> Loose mode would drop failing routes, iff there is covering (i.e. less
>>> specific is ok) route already in RIB.
>> isn't that exactly the hole punching attack?
> No, as the the more specific route is signed and is preferred (longest
> match routing) against the less specific hijacked route
clearly i am missing something. got a write-up?
randy
