[4775] in North American Network Operators' Group
Re: Best way to deal with bad advertisements?
daemon@ATHENA.MIT.EDU (Avi Freedman)
Sat Sep 28 15:05:46 1996
From: Avi Freedman <freedman@netaxs.com>
To: mpetach@netflight.com (Matthew Petach)
Date: Sat, 28 Sep 1996 15:03:31 -0400 (EDT)
Cc: mpetach@netflight.com, nanog@merit.edu
In-Reply-To: <199609281709.KAA02379@falcon.netflight.com> from "Matthew Petach" at Sep 28, 96 10:09:38 am
> > In this case, the very first thing you should probably do is to
> > start announcing the more specific /24s to match their advertisements!
> > Depending on AS-PATH length (how various nets hear your announcements
> > vs. theirs) this may solve the immediate problem, allowing you to hunt
> > them down and kill them at your leisure.
>
> The downside to this is that we go from advertising /16's
> out, to advertising a fleet of /24's out, most of which
> would be filtered by Sprint's ever-lovin' CIDR-forcing
> wall. I agree with Sprint, and Sean, but in this case
> it pretty much makes it hard for us to force the issue
> by dropping to the same or smaller sized announcement.
>
> Good thought, though! Even if it does result in going
> from 2 /16 announcements to 512 /24 announcements in
> the process, growing the routing tables, and generally
> making everyone else unhappy as well.
Only advertise the /24s that they're announcing of yours.
And if you need to get them into Sprint, see if a multi-homed
Sprint customer will temporarily shove them into Sprint and
static them back to you via another provider/connection.
> *sigh* There really MUST be some nice way of handling
> lame ISP's like this.
>
> > 1) Announce *your own* routes more specifically.
> > This may lose you ANS connectivity, though.
I meant ANS connectivity because of RADB issues, but yes,
anyone who filters small announcements in your space won't
see you.
> I took that step last night, and was advised to remove it by
> those more in tune with legal issues. I guess it's not
> considered "nice" to sink to the same level as your
> attacker, and play dirty. :-}
No, but if it went on for 12 hours, I very well might do so.
> > Avi
>
> Again, my thanks for your feedback and support!
>
> Matt Petach
Sure, good luck.
And if you're going for the shunning effect, tell us all who it
is that you're having trouble with.
Avi
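
An added example, not part of the original message or thread: a sketch of the targeted counter-announcement discussed above, picking only the more-specifics someone else is originating inside your aggregates and showing why matching the prefix length leaves path selection to decide. All prefixes, the origin labels "us"/"them" and the filter length 19 are constructed assumptions, not values from the thread.

```python
import ipaddress as ip

def hijacked_specifics(own_aggregates, foreign_announcements):
    """Foreign prefixes that fall inside our aggregates, deduplicated and sorted."""
    own = [ip.ip_network(p) for p in own_aggregates]
    hits = {n for n in map(ip.ip_network, foreign_announcements)
            if any(n.version == a.version and n.subnet_of(a) for a in own)}
    return sorted(hits)

def full_deaggregation_count(own_aggregates, length=24):
    """How many prefixes we would announce if we split everything to /length."""
    return sum(2 ** (length - ip.ip_network(p).prefixlen) for p in own_aggregates)

def split_by_filter(prefixes, max_len):
    """Partition announcements by a peer's prefix-length filter.
    max_len is a hypothetical policy value, not any provider's real setting."""
    seen = [p for p in prefixes if p.prefixlen <= max_len]
    dropped = [p for p in prefixes if p.prefixlen > max_len]
    return seen, dropped

def origins_at_longest_match(routes, address):
    """Longest-prefix match: origins of the most specific routes covering address."""
    addr = ip.ip_address(address)
    covering = [(ip.ip_network(p), o) for p, o in routes if addr in ip.ip_network(p)]
    if not covering:
        return set()
    best = max(n.prefixlen for n, _ in covering)
    return {o for n, o in covering if n.prefixlen == best}

# Constructed sample data: two /16 aggregates and what another AS is originating.
OWN = ["10.1.0.0/16", "10.2.0.0/16"]
FOREIGN = ["10.1.4.0/24", "10.1.5.0/24", "10.2.200.0/24",
           "192.0.2.0/24",      # not inside our space, ignored
           "10.1.4.0/24"]       # duplicate observation

if __name__ == "__main__":
    targets = hijacked_specifics(OWN, FOREIGN)
    print("announce:", [str(t) for t in targets],
          "instead of", full_deaggregation_count(OWN), "/24s")
    seen, dropped = split_by_filter(targets, max_len=19)
    print("dropped by a /19 filter:", [str(d) for d in dropped])
    before = [("10.1.0.0/16", "us"), ("10.1.4.0/24", "them")]
    after = before + [("10.1.4.0/24", "us")]
    print("before:", origins_at_longest_match(before, "10.1.4.9"))
    # Equal prefix length: the winner now depends on path selection (e.g. AS-PATH).
    print("after: ", origins_at_longest_match(after, "10.1.4.9"))
```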