On Tue, Jan 13, 2009 at 07:00:34AM -0800, David Barak wrote:
> If the concern was a Pilosov/Kapela style hijack, wouldn't the first thing
> you'd check be what the address range was? That would lead you straight to
> Randy, and that should have cleared up the matter straightaway. Remember:
> the owner of the IP space is the victim, not the ASN which gets prepended
> into the path...
>
No, they are both victims. If I inject a path that purports
there is an edge between two networks which are engaged in a bitter
dispute, (i'll use cogent & sprint as an example) - _1239_174_ that may
create a situation where someone asserts that their routes are
being filtered when infact no connectivity exists.
Does that mean that I hijacked their identiy and forged it? What
level of trust do you place in the AS_PATH for your routing, debugging and
decision making process?
Personally, I would be upset if someone injected a route with my
ASN in the AS_PATH without my permission.
- Jared
--
Jared Mauch | pgp key available via finger from ja...@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
