This will break the internet at scale. No. Ms. Lady Benjamin PD Cannon of Glencoe, ASCE 6x7 Networks & 6x7 Telecom, LLC CEO l...@6by7.net "The only fully end-to-end encrypted global telecommunications company in the world.”
FCC License KJ6FJJ Sent from my iPhone via RFC1149. > On Aug 9, 2021, at 5:20 PM, Robert McKay <rob...@mckay.com> wrote: > > On 2021-08-09 22:39, Baldur Norddahl wrote: >> man. 9. aug. 2021 22.13 skrev Grzegorz Janoszka >> <grzeg...@janoszka.pl>: >>>> On 2021-08-09 17:47, Billy Croan wrote: >>>>> How does the community feel about using /24 originations in BGP as >>> a >>>> tactical advantage against potential bgp hijackers? >>> RPKI is more effective than a competing /24. Unless they hijack you >>> ASn >>> as well. >> You will usually get an as path length advantage even if they do >> hijack your asn. > > Unless your RPKI is set to allow /24 but you normally advertise /21 or > something shorter.. then RPKI works to the hijacker's advantage. > > You could argue this is no different than before RPKI which is true.. except > that now that RPKI exists people are tempted to use it to automate > configuration and take humans out of the loop. > > I imagine there are quite a few RPKI enabled prefixes (those configured to > allow too long advertisements) that are easier to hijack now than they were > before RPKI existed. > > -Rob