nanog mailing list archives
Re: BGP prefix filter list
From: John Kristoff <jtk () depaul edu>
Date: Mon, 20 May 2019 18:26:48 -0500
On Mon, 20 May 2019 23:09:02 +0000 Seth Mattinen <sethm () rollernet us> wrote:
A good start would be killing any /24 announcement where a covering aggregate exists.
I wouldn't do this as a general rule. If an attacker knows networks are 1) not pointing default, 2) dropping /24's, 3) not validating the aggregates, and 4) no actual legitimate aggregate exists, (all reasonable assumptions so far for many /24's), then they have a pretty good opportunity to capture that traffic. John
Current thread:
- Re: BGP prefix filter list, (continued)
- Re: BGP prefix filter list Baldur Norddahl (May 17)
- Re: BGP prefix filter list Blake Hudson (May 17)
- Re: BGP prefix filter list Baldur Norddahl (May 17)
- Re: BGP prefix filter list Blake Hudson (May 17)
- Re: BGP prefix filter list Baldur Norddahl (May 18)
- Re: BGP prefix filter list Blake Hudson (May 20)
- Re: BGP prefix filter list William Herrin (May 20)
- Re: BGP prefix filter list i3D . net - Martijn Schmidt (May 20)
- Re: BGP prefix filter list Seth Mattinen (May 20)
- Re: BGP prefix filter list William Herrin (May 20)
- Message not available
- Re: BGP prefix filter list John Kristoff (May 20)
- Re: BGP prefix filter list Seth Mattinen (May 20)
- Re: BGP prefix filter list Ca By (May 20)
- Re: BGP prefix filter list Alejandro Acosta (May 21)
- Re: BGP prefix filter list Tom Beecher (May 22)
- Re: BGP prefix filter list Alejandro Acosta (May 22)
- Re: BGP prefix filter list Sabri Berisha (May 22)
- Re: BGP prefix filter list Ross Tajvar (May 22)
- Re: BGP prefix filter list Sabri Berisha (May 24)
- Re: BGP prefix filter list Mike Hammett (May 24)
- Re: BGP prefix filter list William Herrin (May 24)