[81425] in North American Network Operators' Group
Re: Active BGP Probing and large AS-sets
daemon@ATHENA.MIT.EDU (Jeroen Massar)
Thu Jun 9 11:15:11 2005
From: Jeroen Massar <jeroen@unfix.org>
To: Florian Weimer <fw@deneb.enyo.de>
Cc: Lorenzo Colitti <lorenzo@ripe.net>,
Martin Hannigan <hannigan@verisign.com>, nanog@merit.edu
In-Reply-To: <8764wno9tb.fsf@deneb.enyo.de>
Date: Thu, 09 Jun 2005 17:13:53 +0200
Errors-To: owner-nanog@merit.edu
--=-AEdp2+LfKPU/2iywE0hZ
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Thu, 2005-06-09 at 16:59 +0200, Florian Weimer wrote:
> * Lorenzo Colitti:
>=20
> > So yes, the ASes inserted in the AS-set are operated by others, and yes=
,=20
> > the announcements are sent out to the Internet at large.
>=20
> This approach is highly questionable. Any responsible ISP should kick
> you off the net for announcing AS path containing ASNs without
> permission from the real owner/assignee.
And it also makes clear why it didn't pop up in GRH, as when you insert
the GRH ASN 8298 it won't be announced to GRH and thus it doesn't get
detected and as quite a number of people check only there it can go
quite unnoticed in the IPv6 tables...*
Sidetracking: BGP should never accept a path from another peer
containing the ASN of a directly connected peer... does it or not?
Greets,
Jeroen
* =3D every path above 12, aspath sets get decompressed, get listed as a
possible ghost so it would pop up.
--=-AEdp2+LfKPU/2iywE0hZ
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Jeroen Massar / http://unfix.org/~jeroen/
iD8DBQBCqFyxKaooUjM+fCMRAhs8AKDCT0n6Mfzkc9SbORAFjfzAT8TO7gCcC1sq
tLYWCX7TNAJd3ODt+TvA1oE=
=TKjk
-----END PGP SIGNATURE-----
--=-AEdp2+LfKPU/2iywE0hZ--
