[194699] in North American Network Operators' Group
Re: Cogent BGP Hijack
daemon@ATHENA.MIT.EDU (Tom Paseka via NANOG)
Tue May 23 19:16:16 2017
X-Original-To: nanog@nanog.org
In-Reply-To: <7010.1495560721@turing-police.cc.vt.edu>
Date: Tue, 23 May 2017 16:16:12 -0700
To: valdis.kletnieks@vt.edu
From: Tom Paseka via NANOG <nanog@nanog.org>
Reply-To: Tom Paseka <tom@cloudflare.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Looking at bgplay data, Hetzner possibly had some outages at the time?
Cogent isn't quick at withdrawing routes and will often blackhole inside
their network, but i can't see a large leak/hijack as happened.
On Tue, May 23, 2017 at 10:32 AM, <valdis.kletnieks@vt.edu> wrote:
> On Tue, 23 May 2017 10:10:25 +0300, Scott Christopher said:
> > https://www.lowendtalk.com/discussion/114865/hetzner-and-
> other-traffic-passin
> g-cogent-rerouted-over-moscow#latest
> >
> > A report that all Cogent traffic got re-routed into Moscow. Looks
> > innocent but happened right after UA blocked RU websites (e.g.,
> > VKontakte, Yandex, etc)
> >
> > Any thoughts ?
>
> Similar happened like 3 weeks ago. Big collective yawn when I posted
> about it.
>
