[191432] in North American Network Operators' Group
Re: "Defensive" BGP hijacking?
daemon@ATHENA.MIT.EDU (Bryan Fields)
Wed Sep 14 16:05:56 2016
X-Original-To: nanog@nanog.org
To: NANOG list <nanog@nanog.org>
From: Bryan Fields <Bryan@bryanfields.net>
Date: Wed, 14 Sep 2016 16:04:43 -0400
In-Reply-To: <20160914000951.CCA9D8C7@m0086238.ppops.net>
Errors-To: nanog-bounces@nanog.org
On 9/14/16 3:09 AM, Scott Weeks wrote:
>
> Yes, RPKI. That's what I was waiting for. Now we can get to
> a real discussion
Problem is, RPKI does not work for people with legacy blocks who will not sign
a Legacy RSA. ARIN doesn't own or have any say on how we use it, and we're
sure as heck not going to sign a legally binding contract saying they do :)
I'm a bit ambivalent about BGP hijacking as a DDOS mitigation strategy.
Really there is no authority to say it's wrong. If your peers are cool with
it, and their peers are cool with it who's to say it's wrong?
--
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net
