Sean, > On Aug 26, 2019, at 2:43 PM, Töma Gavrichenkov <xima...@gmail.com> wrote: > > Peace, > > On Mon, Aug 26, 2019, 8:05 PM Sean Donelan <s...@donelan.com> wrote: > Do any major ISPs have SLA language about monitoring inter-provider > agreements for route hijacking, route leaks, address spoofing, and so on? > > I'm looking for something more proactive than waiting for a customer to > notice a problem and open a trouble ticket. > > BWAHHHAHHAHAAHAHAAAA > > No.
We do our own internal monitoring of our announcements for now. Our general reaction is to deactivate sites where this is seen and work to understand what happened. Most commonly we see things before our network partners are aware, including issues within their own networks. It has been improving over the years and I think we are steadily seeing more monitoring and measurement but there’s many subtle things we see. There’s a few well-known hijackers out there that need and will become depeered before too long, but mostly we see providers doing things they aren’t even aware they just did. The number of /30s and similar things that happen, but many events are just detour routing. - Jared
