On Tue, Nov 13, 2018 at 3:34 PM Aftab Siddiqui <aftab.siddi...@gmail.com> wrote:
> Hi Binh, > Thanks for sharing this. The most likely issue is NO prefix filtering at > China Telecom end. Mainone (AS37282) leaked probably everything they > learned from IXPN (Lagos IXP) Route Server to its direct peer AS4809 (China > Telecom). > > I have presented the status of BOGON announcements, Prefix Hijacks and BGP > Leaks in last 2 AusNOG events and have seen some improvements as well. BUT > there is so much to do. > > >> --- How to avoid? >> >> https://www.ausnog.net/sites/default/files/ausnog-2018/presentations/2.10.5_Binh_Lam_AusNOG2018_Lightning.pdf >> >> I highly recommended all of large ISP, ASP, Cloud Provider, or any >> critical infrastructure hosting.. >> 1. clean up your route object. enable rpki for your route objects.. >> > > AU/NZ status of ROAs is close to ZERO. > > >> 2. review filter policy >> > Absolutly and probably automate it if you can > > >> 3. review routing policy.. > announce /24 to all upstreams, peers equally >> for your critical infrastructure! >> > Are you suggesting everyone should deaggregate and announce /24? > certainly not suggesting everyone on this planet :-).. just to whom who provided critical infrastructures (ie, email, DNS hosting, cloud providers, online banking sites subnets, high profile sensitive online sites , etc..) by announcing /24 will potentially reduce the risk/impact when the route is hijacked.. looking at route53.. they are now announce /24, instead of 23 as an example.
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog