I didn't realized the routing table size problem with /24's. Stupid me.
Thanks everyone for updates. Appreciate good answers. On Fri, Aug 31, 2012 at 4:18 AM, George Herbert <george.herb...@gmail.com>wrote: > On Thu, Aug 30, 2012 at 8:41 AM, William Herrin <b...@herrin.us> wrote: > > On Thu, Aug 30, 2012 at 7:54 AM, Anurag Bhatia <m...@anuragbhatia.com> > wrote: > >> Is using /24 a must to protect (a bit) against route hijacking? > > > > Hi Anurag, > > > > Not only is it _not_ a must, it doesn't work and it impairs your > > ability to detect the fault. > > > > In a route hijacking scenario, traffic for a particular prefix will > > flow to the site with the shortest AS path from the origin. Your /24 > > competes with their /24. Half the Internet, maybe more maybe less > > depending on how well connected each of you are, will be inaccessible > > to you. > > Preventively there seems to be no utility to this. > > Reactively, after a hijacking starts, has anyone tried announcing both > (say) /24s for the block and (say) 2x /25s for it as well, to get > more-specific under the hijacker? Yes, a lot of places will filter > and ignore, but those that don't ... > > (Yes, sign your prefixes now, on general principles) > > > -- > -george william herbert > george.herb...@gmail.com > > -- Anurag Bhatia anuragbhatia.com Linkedin <http://in.linkedin.com/in/anuragbhatia21> | Twitter<https://twitter.com/anurag_bhatia>| Google+ <https://plus.google.com/118280168625121532854>
