You might find your /24 routes filtered out at a lot of places that do have sensible route filtering
But then yes, it'd protect you against the idiots who dont know bgp from a hole in the ground anyway and let whatever hijacking happen But I'd suggest do whatever such announcement if and only if you see a hijack, as a mitigation measure. On Thu, Aug 30, 2012 at 5:24 PM, Anurag Bhatia <m...@anuragbhatia.com> wrote: > Hello everyone! > > > > I tried looking on net but couldn't found direct answer, so thought to ask > here for some advise. > > Is using /24 a must to protect (a bit) against route hijacking? We all > remember case of YouTube 2008 and hijacking in Pakistan. At that time > YouTube was using /22 and thus /24 (more specific) announcement took almost > all of Google's traffic even when AS path was long. So Google's direct also > likely sent packets to Pakistan. Later Google too used /24 (and I guess /25 > too to effect some region of internet). Similar case I remember for issue > reported between Altus and hijacking by someone connected to Cleaveland > exchange when ISP was using /23 and spammer used /24. > > > So can we conclude that one should always use /24 to make sure that they > loose as little as possible traffic during prefix hijacking? > > > Also, if one uses /22 and /24 - will both prefixes will show in Global > routing table? I know /24 will be prefered but will ISP see /22 as well or > it will pop up only when /24 is filtered? > > > For one of IP's of Google.com, it seems it is coming from /16 and /24 > > > http://bgp.he.net/ip/74.125.224.137 > > > How can one print similar result from a route server like say Oregon route > views or any ISP's server? I always /24 when looking for that IP. (in > simple words - how bgp.he.net does this magic of popping both prefixes? I > failed to do get same result from HE's route server) > > > > > Thanks! > > -- > > Anurag Bhatia > anuragbhatia.com > > Linkedin <http://in.linkedin.com/in/anuragbhatia21> | > Twitter<https://twitter.com/anurag_bhatia>| > Google+ <https://plus.google.com/118280168625121532854> -- Suresh Ramasubramanian (ops.li...@gmail.com)