On Thu, May 31, 2018 at 02:40:06PM +0000, Job Snijders wrote:
> Upon further inspection, it seems more likely that the bgp optimiser is
> in ColoAU's network. Given the scale of AS 4637, if it were deployed
> inside Telstra I'd expect more problem reports. AS 4637 may actually
> just be an innocent bystander.
>
> It is interesting to note that the /23 only appears on their Sydney
> based routers on https://lg.coloau.com.au/
>
> Is ColoAU's refusal to cooperate a matter of misunderstanding? Perhaps
> you should just straight up ask whether they use any type of "network
> optimisation" appliance.
I found a few more interesting routes inside ColoAU's looking glass:
128.10.4.0/24 - AS_PATH 63956 4637 3257 29909 16532 16532 16532 16532
(should be 128.10.0.0/16 originated by AS 17, Purdue
University)
192.54.130.0/24 - AS path: 135069 9439
(does not exist in the DFZ, a peering lan
prefix? a typo?)
67.215.73.0/24 - AS path: 2764 1221 36692
(does not exist in the DFZ, a peering lan
prefix? a typo?)
ColoAU propagated the above routes to their transit customers, so the
128.10.4.0/24 and 18.29.238.0/23 announcements definitely count as BGP
hijacks with fabricated an AS_PATH.
Kind regards,
Job
