[195636] in North American Network Operators' Group
Re: Verizon 701 Route leak?
daemon@ATHENA.MIT.EDU (Randy Bush)
Wed Aug 30 00:20:28 2017
X-Original-To: nanog@nanog.org
Date: Wed, 30 Aug 2017 13:20:16 +0900
From: Randy Bush <randy@psg.com>
To: Tim Evens <tievens@cisco.com>
In-Reply-To: <98EBD357-9D31-4E00-AA9A-118F05BE4716@cisco.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> Good use-case for
> https://datatracker.ietf.org/doc/draft-ietf-grow-bmp-adj-rib-out and
> snapshot auditing before and after changes. Leak didn't last long but
> it could have been caught within milliseconds verses minutes via oh
> sh** alarms.
[ i happen to like bmp, but ... ]
if the sender did not have the automation or the mops to not leak in the
first place, how well will they apply post hoc detection and repair?
if the receiver did not filter, and an tier-1 as-path filter would have
sufficed in this case, how well do you think they will be at applying
post hoc detection and repair?
this was an easily preventable ops failure. but what we will do is go
to idr and grow and invent 42 more hacks, kinda like ipv6 transition
mechanisms. </snark>
randy
