nanog mailing list archives
Re: BGP Optimizers (Was: Validating possible BGP MITM attack)
From: Colin Petrie <colin () spakka net>
Date: Fri, 1 Sep 2017 12:52:01 +0200
On 31/08/17 22:06, Job Snijders wrote:> I strongly recommend to turn off those BGP optimizers, glue the ports
shut, burn the hardware, and salt the grounds on which the BGP optimizer sales people walked.
Yes.
p.s. providing a publicly available BGP looking glasses will contribute to proving your innocence in cases like these. Since in many cases the AS_PATH is a complete fabrication, we need to manually check every AS in the AS_PATH to see whether the AS carries the fake more-specific. A public looking glass speeds up this fault-finding process. If you don't want to host a webinterface yourself, please consider sending a BGP feed to the Route Views Project or RIPE RIS, or for something queryable in a real-time fashion the NLNOG RING Looking Glass http://lg.ring.nlnog.net/
As a RIPE RIS operator, we regularly get people complaining 'oh but we are not advertising that prefix, your system must be broken'. Usually it is one of these BGP-optimizer more-specifics leaking out. Cheers, Colin
Current thread:
- Re: BGP Optimizers (Was: Validating possible BGP MITM attack) Tom Paseka via NANOG (Sep 01)
- <Possible follow-ups>
- Re: BGP Optimizers (Was: Validating possible BGP MITM attack) Colin Petrie (Sep 14)