This report has been generated at Fri Jan 27 21:46:51 2006 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/as4637 for a current version of this report.
Recent Table Hist
All these explanations can only go so far as to show that ConEd
and its upstreams may have had these prefixes as something that is
allowed (due to previous transit relationships) to be annnounced.
However presumably all these were transit arrangements with ConEd
and ip blocks would have origina
> what I saw by going through the diffs, etc.. that I have
> available to me is that the prefix was registered to be announced
> by our customer and hence made it into our automatic IRR filters.
i.e., the 'error' was intended, and followed all process.
so, what i don't see is how any hacks on ro
On Fri, Jan 27, 2006 at 04:36:28AM -0800, Randy Bush wrote:
>
> > what I saw by going through the diffs, etc.. that I have
> > available to me is that the prefix was registered to be announced
> > by our customer and hence made it into our automatic IRR filters.
>
> i.e., the 'error' was intende
> seems to me that certified validation of prefix ownership and as
> path are the only real way out of these problems that does not
> teach us the 42 reasons we use a *dynamic* protocol.
Wouldn't a well-operated network of IRRs used by 95% of
network operators be able to meet all three of your
re
> Wouldn't a well-operated network of IRRs used by 95% of
> network operators be able to meet all three of your
> requirements?
>
> -certified prefix ownership
> -certified AS path ownership
> -dynamic changes to the above two items
>
> It seems to me that most of the pieces needed to do
> this al
randy, all,
On Fri, Jan 27, 2006 at 04:36:28AM -0800, Randy Bush wrote:
>
> > what I saw by going through the diffs, etc.. that I have
> > available to me is that the prefix was registered to be announced
> > by our customer and hence made it into our automatic IRR filters.
>
> i.e., the 'error
On 27-Jan-2006, at 07:51, [EMAIL PROTECTED] wrote:
perhaps you mean certified validation of prefix origin
and path.
In the absense of path valdiation, a method of determining the real
origin of a prefix is also required, if the goal is to prevent
intentional hijacking as
On Fri, Jan 27, 2006 at 10:42:11AM -0500, Joe Abley wrote:
>
> On 27-Jan-2006, at 07:51, [EMAIL PROTECTED] wrote:
>
> > perhaps you mean certified validation of prefix origin
> > and path.
>
> In the absense of path valdiation, a method of determining the real
> origin of a prefix is
> certified validation of prefix ownership (and path, as has been
> pointed out) would be great. it's clearly a laudable goal and seemed
> like the right way to go. but right now, no one is doing it. the
> rfcs that's i've found have all expired. and the conversation about
> it has reached the
On 27-Jan-2006, at 11:12, [EMAIL PROTECTED] wrote:
but by definition, the right-most entry is the prefix origin...
Suppose AS 9327 decides to originate 198.32.6.0/24, but prepends 4555
to the AS_PATH as it does so. Suppose 9327's uses a transit provider
which builds prefix filter
Thus spake <[EMAIL PROTECTED]>
seems to me that certified validation of prefix ownership and as
path are the only real way out of these problems that does not
teach us the 42 reasons we use a *dynamic* protocol.
Wouldn't a well-operated network of IRRs used by 95% of
network operators be able
On Jan 27, 2006, at 8:29 AM, [EMAIL PROTECTED] wrote:
seems to me that certified validation of prefix ownership and as
path are the only real way out of these problems that does not
teach us the 42 reasons we use a *dynamic* protocol.
Wouldn't a well-operated network of IRRs used by 95% of
ne
On Jan 27, 2006, at 11:39 AM, Joe Abley wrote:
On 27-Jan-2006, at 11:12, [EMAIL PROTECTED] wrote:
but by definition, the right-most entry is the prefix origin...
Suppose AS 9327 decides to originate 198.32.6.0/24, but prepends
4555 to the AS_PATH as it does so. Suppose 9327's uses
I'm not sure how on-topic this is/was, but considering long thread
and different opinions that were expressed before, I believe some
here may want to have additional information I recently read:
http://www.emailbattles.com/archive/battles/phish_aacgebeeje_hc/
The article author talked to both
On Fri, Jan 27, 2006 at 11:39:27AM -0500, Joe Abley wrote:
>
> On 27-Jan-2006, at 11:12, [EMAIL PROTECTED] wrote:
>
> > but by definition, the right-most entry is the prefix origin...
>
> Suppose AS 9327 decides to originate 198.32.6.0/24, but prepends 4555
> to the AS_PATH as it does so.
On 27-Jan-2006, at 11:54, Patrick W. Gilmore wrote:
On Jan 27, 2006, at 8:29 AM, [EMAIL PROTECTED] wrote:
seems to me that certified validation of prefix ownership and as
path are the only real way out of these problems that does not
teach us the 42 reasons we use a *dynamic* protocol.
Wou
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to [EMAIL PROTECTED]
If you have any comments please contact Philip Smith <[EMAIL PROTECTED]>.
Routing Table Report 04:00 +10GMT Sat 28 Jan, 2006
On Jan 27, 2006, at 12:57 PM, Joe Abley wrote:
On 27-Jan-2006, at 11:54, Patrick W. Gilmore wrote:
On Jan 27, 2006, at 8:29 AM, [EMAIL PROTECTED] wrote:
seems to me that certified validation of prefix ownership and as
path are the only real way out of these problems that does not
teach us the
Todd Underwood wrote:
>you're probably right (as usual). but it seems that if you delay
>acceptance of announcements with novel origination patterns, you don't
>harm very many legitimate uses. in particular, ASes changing
>upstreams won't be harmed at all. people moving their prefix to a new
>
Todd Underwood wrote:
>> seems to me that certified validation of prefix ownership and as
>> path are the only real way out of these problems that does not
>> teach us the 42 reasons we use a *dynamic* protocol.
>certified validation of prefix ownership (and path, as has been
>pointed out) would
Michael.Dillon wrote:
>-certified prefix ownership
>-certified AS path ownership
>-dynamic changes to the above two items
There is, as Joe Abley mentioned, a definition of authorization
in routing registries. But the definition of "certified" still
becomes problematic/controverial at times. cr
Michael.Dillon wrote:
>Writing RFCs is a fine way to document operational
>best practices, but it is not a good way to work out
>joint operational practices.
>Seems to me that operational problem solving works
>better when the problem is not thrown into the laps
>of the protocol designers.
If
On Thu, 26 Jan 2006, Crist Clark wrote:
> Because domestically the US gov't (or local LEOs) can just intercept the
> calls when they hit the PSTN. They don't bother intercepting between the
> phone and its access point.
Securing against people who might casually sniff your connection is better
t
>
> This is great for the planned changes, but real-time changes to
> respond to Internet dynamics won't work well with such delays. If you
> are multi-homed to provide a backup, you would like for it to respond
> more quickly than 4-72 hours, I'll bet. So if you have PI space but not
> your ow
Anyone else have LimeLight randomly decide to renumber their IP blocks
on Friday afternoon without any heads up to anyone? Just curious to see
who else had their connectivity go down because of it...
Yay!
-Mike
On Fri, 27 Jan 2006, Gadi Evron wrote:
> "Even so, 300,000 infected users worldwide is not a terribly large
> amount when compared to previous worms like Sober or Mydoom. However,
> with this worm it isn't the quantity of infected users, it is the
> destructive payload which is most concerning."
27 matches
Mail list logo
