[84264] in North American Network Operators' Group
Re: 12/8 problems?
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Fri Sep 9 11:41:01 2005
Date: Fri, 9 Sep 2005 11:39:09 -0400
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Drew Linsalata <drew@gothambus.com>
Cc: nanog@nanog.org
In-Reply-To: <20050909152525.GC8847@overlord.e-gerbil.net>
Errors-To: owner-nanog@merit.edu
On Fri, Sep 09, 2005 at 11:25:25AM -0400, Richard A Steenbergen wrote:
>=20
> Looks like 12956 is announcing some /8s to every peer and transit. Worse=
=20
> still, Sprint and GX are propagating it. This is not the first time that=
=20
> Telefonica has leaked a lot of garbage routes with serious network impact=
=20
> as a result (nor is it the second or third, actually).
>=20
> 12.0.0.0/8
> 64.0.0.0/8
> 65.0.0.0/8=20
>=20
> I'd say both GX and Sprint have a lot to answer for right about now.
Minor apologies to GX, it looks like Telefonica isn't a customer any more,=
=20
just a direct peer. I'm still annoyed from the last outage caused when=20
Telefonica leaked routes to GX as a transit customer. Sprint on the other=
=20
hand propagated this as full transit. I'm glad to see no one has learned=20
=66rom AS7007. :)
As for how to prevent this from happening again... I know many people who=
=20
aren't able to implement full peer filtering are at least enforcing simple=
=20
as-path checks on the largest ASNs (making sure that customers and peers=20
don't reannounce paths which have 7018 in them, for example), but it=20
doesn't look like anyone is trying to filter things on a largest prefix=20
basis. When AS26210 decides to start originating the prefixes themselves=20
instead of just leaking it from 7018, boom.
--=20
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
