Seeing the same thing here. Had alerts from Cyclops roll in for all 7 of our prefixes at: 2009-07-28 08:30:26, lasted 35 mins or so:
Alert ID: 4910940 Alert type: origin change Monitored ASN,prefix: 174.137.112.0/20 Offending attribute: 174.137.112.0/20-13214 Date: 2009-07-28 08:30:26 UTC Duration: 00:00:01 (hh:mm:ss) --kyle On Tue, Jul 28, 2009 at 7:53 AM, sjk<s...@sleepycatz.com> wrote: > > > Russell Heilling wrote: >> 2009/5/11 Ricardo Oliveira <rvel...@cs.ucla.edu>: >>> Hi all, >>> >>> First, thanks for using Cyclops, and thanks for all the Cyclops users that >>> drop me a message about this. >>> >>> It seems some router in AS13214 decided to originate all the prefixes and >>> send them to AS48285 in the Caymans, all the ASPATHs are 48285 13214. >>> The first announcement was on 2009-05-11 11:03:11 UTC and last on 2009-05-11 >>> 12:16:32 UTC, there were 266,289 prefixes leaked (they were withdrawn >>> afterwards) >> >> It looks like AS13214 are misbehaving again... We have just started >> receiving cyclops alerts indicating that AS13214 is announcing our >> prefixes again: > > We are seeing the same thing for two of our prefixes: > > Offending attribute: 66.251.224.0/19-13214 > > Offending attribute: 66.146.192.0/19-48285 > > Pretty annoying > > --steve > > >
