On Fri, 22 Mar 2019, Sascha Luck [ml] wrote:
On Thu, Mar 21, 2019 at 11:12:02PM +0100, JORDI PALET MARTINEZ via
anti-abuse-wg wrote:
3) We may need to refine the text, but the suspected hijacker, in case of
sponsored resources, is the suspected hijacker, not the sponsoring LIR
(which may not even have relation to it). However, some people indicated
that the direct peer should be also accountable. I think I also mention
this before, one possible option is to tell the direct peer the first time
"this is a warning report", please make sure to improve your filters.
Now I'm confused. In another post, Carlos indicated that someone
who receives a hijacked prefix is a victim and here they are also
Bad People. I'm not sure what to think about a retributive
proposal that can't even keep the "victims" and the "offenders"
apart. In this case ("neighbours are bad") it reminds me of a UK law
that punishes not only an illegal immigrant but also the landlord
who fails to refuse to rent them a flat.
Hi,
The issue here might be the difference between a peering and a transit
relationship.
If hijacker Z announces prefix Y to network X. Then network X will
route packets towards the hijacker, even if X doesn't propagate prefix Y
any further to any other 3rd party networks.
An hijacker can join an IXP and announce an hijacked prefix to one, some
or all of the IXP's membership. In that case we will have one, some or
many victims.
Hope it is clear now.
Regards,
Carlos
rgds,
SL
