nanog mailing list archives

Re: "Is BGP safe yet?" test

From: Denys Fedoryshchenko <nuclearcat () nuclearcat com>
Date: Mon, 20 Apr 2020 22:27:30 +0300

On 2020-04-20 22:01, Rubens Kuhl wrote:

On Mon, Apr 20, 2020 at 3:37 PM Denys Fedoryshchenko
<nuclearcat () nuclearcat com> wrote:

There is simple use case that will prove this page is giving false
positive
for their "name&shame" strategy.
Any AS owner with default route only (yes it happens a lot) users
will
get:
"YOUR ISP TERRIBLE, HIS BGP NOT SAFE!".
But he have nothing to validate! His BGP is implemented safely,
its just his upstream is not validating routes.


So, that same ISP who is not validating because it has a default route
could push its providers to do validation and then be as safe as other
validating themselves ?

Rubens

Typically, those who have "default route only" are too small to beheard,

and their "wishes" doesn't go beyond the first line of support.
Not to mention that it does not work at all if upstream is a monopoly,

especially a state monopoly, who wont move a finger for "optionalfeatures".


And most important, the most common answer:
All Tier-1 implemented it? No.
Major hosting operators, such as AWS, gcloud, etc? - No.
So...

Current thread:

Re: "Is BGP safe yet?" test, (continued)
- - - Re: "Is BGP safe yet?" test Randy Bush (Apr 21)
- Re: "Is BGP safe yet?" test Tom Beecher (Apr 20)
  - Re: "Is BGP safe yet?" test Cummings, Chris (Apr 20)
    - Re: "Is BGP safe yet?" test Tom Beecher (Apr 20)
    - Re: "Is BGP safe yet?" test Mark Tinka (Apr 20)
    - Re: "Is BGP safe yet?" test Tom Beecher (Apr 20)
    - Re: "Is BGP safe yet?" test Mark Tinka (Apr 20)
    - Re: "Is BGP safe yet?" test Andrey Kostin (Apr 20)
    - Re: "Is BGP safe yet?" test Denys Fedoryshchenko (Apr 20)
    - Re: "Is BGP safe yet?" test Rubens Kuhl (Apr 20)
    - Re: "Is BGP safe yet?" test Denys Fedoryshchenko (Apr 20)
    - Re: "Is BGP safe yet?" test Andrey Kostin (Apr 20)
    - Re: "Is BGP safe yet?" test Mark Tinka (Apr 21)
    - Re: "Is BGP safe yet?" test Andrey Kostin (Apr 20)
    - Re: "Is BGP safe yet?" test Mark Tinka (Apr 20)
    - Re: "Is BGP safe yet?" test Christopher Morrow (Apr 20)
    - Re: "Is BGP safe yet?" test Alex Band (Apr 20)
    - Re: "Is BGP safe yet?" test Christopher Morrow (Apr 20)
    - Re: "Is BGP safe yet?" test jim deleskie (Apr 20)
    - Re: "Is BGP safe yet?" test Denys Fedoryshchenko (Apr 20)
    - Re: "Is BGP safe yet?" test Baldur Norddahl (Apr 20)

(Thread continues...)