On Thu, Jun 13, 2019 at 09:58:20AM -0400, Joe Abley wrote: > Hey Joe, > > On 12 Jun 2019, at 12:37, Joe Provo <nanog-p...@rsuc.gweep.net> wrote: > > > On Wed, Jun 12, 2019 at 04:10:00PM +0000, David Guo via NANOG wrote: > >> Send abuse complaint to the upstreams > > > > ...and then name & shame publicly. AS-path forgery "for TE" was > > never a good idea. Sharing the affected prefix[es]/path[s] would > > be good. > > I realise lots of people dislike AS_PATH stuffing with other peoples' AS > numbers and treat it as a form of hijacking. > > However, there's an argument that AS_PATH is really just a > loop-avoidance mechanism, not some kind of AS-granular traceroute > for prefix propagation. In that sense, stuffing 9327 into a prefix > as a mechanism to stop that prefix being accepted by AS 9327 seems > almost reasonable. (I assume this is the kind of TE you are talking > about.) > > What is the principal harm of doing this? Honest question. I'm > not advocating for anything, just curious.
There is no way at a distance to tell the difference between: - legitimate AS forwarding - ham-fistedly attempting "innocent" TE away from the forged AS - maliciously hiding traffic from the forged AS - an error with the forged AS IME, when you can NOT look like an error or an attack, that's a Good Thing. The last "major" provider who failed to provide BGP community-based TE was 3549, and with their absorbtion into 3356 no one should have any tolerance for this garbage, IMNSHO. Cheers, joe -- Posted from my personal account - see X-Disclaimer header. Joe Provo / Gweep / Earthling