[93321] in North American Network Operators' Group
Re: [c-nsp] [Re: huge amount of weird traffic on poin-to-point ethernet link]
daemon@ATHENA.MIT.EDU (steve@telecomplete.co.uk)
Thu Nov 9 11:34:55 2006
Date: Thu, 9 Nov 2006 16:33:30 +0000
From: steve@telecomplete.co.uk
To: Valdis.Kletnieks@vt.edu
Cc: steve@telecomplete.co.uk, Robert Boyle <robert@tellurian.com>,
Adrian Chadd <adrian@creative.net.au>, nanog@merit.edu
In-Reply-To: <200611091501.kA9F1CfC026401@turing-police.cc.vt.edu>
Errors-To: owner-nanog@merit.edu
On Thu, Nov 09, 2006 at 10:01:12AM -0500, Valdis.Kletnieks@vt.edu wrote:
> On Thu, 09 Nov 2006 14:47:12 GMT, steve@telecomplete.co.uk said:
> > The craziest stuff that gets announced isnt in the reserved/unallocated realm
>
> OK, I'll bite - what's the craziest thing you've noticed go by in the recent
> past?
To answer a slightly different question, I was actually thinking about the issues of address space hijacking. So this is where address space that has been legitimately allocated and is properly maintained in routing registries is announced unauthorized by a third party.
Theres nothing weird about the BGP announcement or the address space, except your Yahoo traffic seems to traceroute to North Korea rather than California.....
Less nasty things would be caused by fat fingers, typos in prefixes, accidental announcment of supernets or subnets....
What I'm getting at here is that if someone announces 1.0.0.0/16 then when I spot it I'll raise an issue and alert whoever screwed up but does it break anything? Not normally. But if I accidentally redistribute my static routes to google.com into BGP my phone's going to get busy PDQ!
Steve
