nanog mailing list archives
Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)
From: Yang Xiang <xiangy08 () csnet1 cs tsinghua edu cn>
Date: Mon, 23 Jan 2012 23:51:00 +0800
2012/1/23 Christopher Morrow <morrowc.lists () gmail com>
ok, that seems squirrelly still :( so, take routeviews for example, they peer almost exclusively ebgp-multi-hop, so any 'best path' you see there isn't actually usable by the route-server... all traffic has to take the local transport out of the routeviews system, off to the internet and beyond. So, your blackhole testing isn't actually testing what you want, I think :(
it is not a serious problem, I think. 1). we do not use routeviews-like routeservers for hijacking identification, we only use router. 2). there is a high possibility that, the 'best path' is the path in FIB table. 3). if the 'best path' is not the path in FIB, there is still a high possibility that the 'best path' is the path in the FIB of other routes in the same AS. 4), our criterion is a threshold of a fingerprint, not a extremum. the fingerprint evaluated the possibility. hope I'm not wrong. :)
-chris
-- _________________________________________ Yang Xiang. Ph.D candidate. Tsinghua University Argus: argus.csnet1.cs.tsinghua.edu.cn
Current thread:
- Re: Argus: a hijacking alarm system, (continued)
- Re: Argus: a hijacking alarm system Jeroen Massar (Jan 20)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 20)
- Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Arturo Servin (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Arturo Servin (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Danny McPherson (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Christopher Morrow (Jan 22)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Christopher Morrow (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) John Kemp (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 23)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Yang Xiang (Jan 20)
- Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system) Richard Barnes (Jan 20)
- Re: Argus: a hijacking alarm system RijilV (Jan 20)
- Re: Argus: a hijacking alarm system Suresh Ramasubramanian (Jan 20)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 21)
- Re: Argus: a hijacking alarm system Yang Xiang (Jan 21)