On Tue, Jan 13, 2009 at 07:00:34AM -0800, David Barak wrote:
> If the concern was a Pilosov/Kapela style hijack, wouldn't the first thing 
> you'd check be what the address range was?  That would lead you straight to 
> Randy, and that should have cleared up the matter straightaway.  Remember: 
> the owner of the IP space is the victim, not the ASN which gets prepended 
> into the path...
> 

        No, they are both victims.  If I inject a path that purports
there is an edge between two networks which are engaged in a bitter
dispute, (i'll use cogent & sprint as an example) - _1239_174_ that may
create a situation where someone asserts that their routes are
being filtered when infact no connectivity exists.

        Does that mean that I hijacked their identiy and forged it?  What
level of trust do you place in the AS_PATH for your routing, debugging and
decision making process?

        Personally, I would be upset if someone injected a route with my
ASN in the AS_PATH without my permission.

        - Jared

-- 
Jared Mauch  | pgp key available via finger from ja...@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

Reply via email to