[181706] in North American Network Operators' Group
Re: NTT->HE earlier today (~10am EDT)
daemon@ATHENA.MIT.EDU (Mark Tinka)
Wed Jul 1 02:31:48 2015
X-Original-To: nanog@nanog.org
To: Tore Anderson <tore@fud.no>, Mike Leber <mleber@he.net>
From: Mark Tinka <mark.tinka@seacom.mu>
Date: Wed, 1 Jul 2015 08:29:00 +0200
In-Reply-To: <20150701000240.1d2872ed@envy.fud.no>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On 1/Jul/15 00:02, Tore Anderson wrote:
>
> You're not mentioning RPKI here. Any particular reason why not?
>
> If I understand correctly, in today's leak the origin AS was
> changed/reset, so RPKI ought to have saved the day. (At least Grzegorz'
> day, considering that 33 of AS43996's prefixes are covered by ROAs.)
It certainly would have.
BGPmon was awash with alarms about Origin Validation violations for our
prefixes that were originated by the offending network yesterday.
If HE implemented Origin Validation, they'd have dropped these routes
assuming that was their policy.
Mark.
