[50614] in North American Network Operators' Group
Re: Deaggregating for emergency purposes
daemon@ATHENA.MIT.EDU (jnull)
Mon Aug 5 22:24:21 2002
Date: Mon, 5 Aug 2002 21:23:47 -0500
From: jnull <jnelson@jnull.rackspace.com>
To: Phil Rosenthal <pr@isprime.com>
Cc: "'John M. Brown'" <jmbrown@ihighway.net>, nanog@merit.edu
In-Reply-To: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAA/zNkI7d3EEmn3+v5DgN/l8KAAAAQAAAAI8GRtQrOgEm3c8ExrdYpgQEAAAAA@isprime.com>
Errors-To: owner-nanog-outgoing@merit.edu
I usually don't play the "what if" game, as there will always be exception, but.
... If the upstream provider is obscure, remote, or incompetent odds are their A
S path is equally obscure, remote, or incompetent. A subsection of the globe may
by holed until reasonable parties can be contacted. Advertising deaggragated ro
utes my be a viable temporary solution for misconfigurations--and other than a f
ew angelic engineers, no one would fault you--but malevolent configurations woul
d most certainly be /24. I believe a discussion once occurred here advocating BG
P authentication using some distributed source for AS verification, and while I
believe such a process is feasible, I advocate an open community in a heirarchic
al model to enforce good policy.
HMM, I swear I had a point when I started...
--
sig=$header
Phil Rosenthal(pr@isprime.com)@2002.08.05 21:00:55 +0000:
>
> But the question is, what do you do if it's coming from somewhere with a
> difficult to contact NOC, and their upstream is difficult to contact as
> well?
>
> --Phil
>
> -----Original Message-----
> From: John M. Brown [mailto:jmbrown@ihighway.net]
> Sent: Monday, August 05, 2002 8:12 PM
> To: Phil Rosenthal
> Cc: nanog@merit.edu
> Subject: Re: Deaggregating for emergency purposes
>
>
> Hmm, this would be a "Bad Idea" (TM) (C) 2002, DMCA Protected
>
> Having had this happen to me several different times, I'd have to
> recommend, calling the NOC of the advertising party. as the pref'd way
> of handling it.
>
> On Mon, Aug 05, 2002 at 06:41:22PM -0400, Phil Rosenthal wrote:
> >
> > I am currently announcing only my aggregate routes, but I have lately
> > thought about the possibility of someone mistakenly, or maliciously,
> > announcing more specifics from my space. The best solution for an
> > emergency response to that (that I can think of), is registering all
> > of the /24's that make up my network, so if someone should announce a
> > more-specific, I can always announce the most specific that would be
> > accepted (assuming they don't announce the /24's too, it should be a
> > problem avoided)
> >
> > Does anyone else have any other ideas on ways to quickly deal with
> > someone else announcing your more specifics, since contacting their
> > NOC is likely going to take a long time...
> >
> > --Phil
> >
>
