Re: Prefix-Hijack by AS7514

On Fri, Jul 17, 2015 at 10:47:38AM +, Wolfgang Tremmel wrote: > > > On 17.07.2015, at 12:03, Mark Tinka wrote: > > > > Some countries I know do this for their exchange points. But > > by-and-large, it is not scalable. Same goes for AS_PATH lists for peering. > > it does scale. > We do this

AW: Prefix-Hijack by AS7514

: AT U63216601 -Ursprüngliche Nachricht- Von: NANOG [mailto:nanog-boun...@nanog.org] Im Auftrag von Wolfgang Tremmel Gesendet: Freitag, 17. Juli 2015 12:48 An: nanog@nanog.org Betreff: Re: Prefix-Hijack by AS7514 > On 17.07.2015, at 12:03, Mark Tinka wrote: > > Some countries I know do

Re: Prefix-Hijack by AS7514

On 17/Jul/15 12:47, Wolfgang Tremmel wrote: > it does scale. > We do this for all our routeservers at all exchange points we operate. > In Frankfurt we have 745 peers on our routeservers. So you have prefix and AS_PATH lists for each of the members you peer with that strictly define the prefixes

Re: Prefix-Hijack by AS7514

> On 17.07.2015, at 12:03, Mark Tinka wrote: > > Some countries I know do this for their exchange points. But > by-and-large, it is not scalable. Same goes for AS_PATH lists for peering. it does scale. We do this for all our routeservers at all exchange points we operate. In Frankfurt we have 7

Re: AW: AW: Prefix-Hijack by AS7514

On 17/Jul/15 11:46, Matsuzaki Yoshinobu wrote: > Yes, I agree, and we have done that. How about peering partners - > which is our case this time. Is it feasible to maintain strict > inbound prefix filters for all peering relationships? To be honest, not really. Some countries I know do this f

Re: AW: AW: Prefix-Hijack by AS7514

Colin Johnston wrote > even if customer router crash fault, should have been filtered via > prefix list blocking to only allow customer network prefixs to be > anounced onwards ? as per best practice Yes, I agree, and we have done that. How about peering partners - which is our case this time.

Re: AW: AW: Prefix-Hijack by AS7514

even if customer router crash fault, should have been filtered via prefix list blocking to only allow customer network prefixs to be anounced onwards ? as per best practice colin Sent from my iPhone > On 17 Jul 2015, at 09:55, Matsuzaki Yoshinobu wrote: > > Colin Johnston wrote >> any idea w

Re: AW: AW: Prefix-Hijack by AS7514

Colin Johnston wrote > any idea why error happened ? > what config needs fixing to mitigate mistake? > it was easy to see problem via ripe atlas :) I just got brief explanation from a friend in AS7514. A router in their network suddenly went out of control, and it seems this somehow generated wr

Re: AW: AW: Prefix-Hijack by AS7514

any idea why error happened ? what config needs fixing to mitigate mistake? it was easy to see problem via ripe atlas :) colin Sent from my iPhone > On 17 Jul 2015, at 09:32, Matsuzaki Yoshinobu wrote: > > Date: Fri, 17 Jul 2015 15:38:13 +0900 > "Paul S." wrote >> I let IIJ know too, hopefull

Re: AW: AW: Prefix-Hijack by AS7514

Date: Fri, 17 Jul 2015 15:38:13 +0900 "Paul S." wrote > I let IIJ know too, hopefully they'll filter it soon. It seems AS7514 stopped the announcements around 06:54UTC. I am not sure how BGPmon guesses AS relationships, but it needs improvements as it shows IIJ as an upstream of AS7514 wrongly.

Re: AW: AW: Prefix-Hijack by AS7514

Nachricht- Von: Seiichi Kawamura [mailto:kawamu...@mesh.ad.jp] Gesendet: Freitag, 17. Juli 2015 08:29 An: Jürgen Jaritsch ; Hugo Slabbert Cc: 'nanog@nanog.org' Betreff: Re: AW: Prefix-Hijack by AS7514 I contacted 7514. They are aware. -Seiichi On 2015/07/17 15:23, Jürgen Jaritsch

AW: AW: Prefix-Hijack by AS7514

Juli 2015 08:33 An: Jürgen Jaritsch ; Hugo Slabbert Cc: 'nanog@nanog.org' Betreff: Re: AW: Prefix-Hijack by AS7514 At 06:23 17/07/2015 +, Jürgen Jaritsch wrote: >We already informed AS2497 but I have no idea if they we'll cooperate. All prefixes I see have the first octet as

Re: AW: Prefix-Hijack by AS7514

To: "'nanog@nanog.org'" >Subject: Prefix-Hijack by AS7514 > >Hi, > >does anyone else see some prefix hijacks from AS7514? They started to announce some of our /24 > > >Thanks & best regards > >Jürgen Jaritsch >Head of Network & In

AW: AW: Prefix-Hijack by AS7514

9 An: Jürgen Jaritsch ; Hugo Slabbert Cc: 'nanog@nanog.org' Betreff: Re: AW: Prefix-Hijack by AS7514 I contacted 7514. They are aware. -Seiichi On 2015/07/17 15:23, Jürgen Jaritsch wrote: > We already informed AS2497 but I have no idea if they we'll cooperate. > > &

Re: AW: Prefix-Hijack by AS7514

ch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601 > > -Ursprüngliche Nachricht- > Von: Hugo Slabbert [mailto:hslabb...@stargate.ca] > Gesendet: Freitag, 17. Juli 2015 08:23 > An: Jürgen Jaritsch > Cc: 'nanog@nanog.org' > Betreff: Re: Prefix

Re: Prefix-Hijack by AS7514

At 06:15 17/07/2015 +, Jürgen Jaritsch wrote: Hi, does anyone else see some prefix hijacks from AS7514? They started to announce some of our /24 Worldwide. -Hank Thanks & best regards Jürgen Jaritsch Head of Network & Infrastructure ANEXIA Internetdienstleistungs GmbH Telefon

AW: Prefix-Hijack by AS7514

08:23 An: Jürgen Jaritsch Cc: 'nanog@nanog.org' Betreff: Re: Prefix-Hijack by AS7514 Seeing the same; a /19. BGPMon reports an alert at 2015-07-17 05:29 (UTC) and that it's being accepted by 2497. -- Hugo Slabbert Stargate Connections - AS19171 -Original Message- >Date

Re: Prefix-Hijack by AS7514

7;" Subject: Prefix-Hijack by AS7514 Hi, does anyone else see some prefix hijacks from AS7514? They started to announce some of our /24 Thanks & best regards Jürgen Jaritsch Head of Network & Infrastructure ANEXIA Internetdienstleistungs GmbH Telefon: +43-5-0556-300 T

Prefix-Hijack by AS7514

Hi, does anyone else see some prefix hijacks from AS7514? They started to announce some of our /24 Thanks & best regards Jürgen Jaritsch Head of Network & Infrastructure ANEXIA Internetdienstleistungs GmbH Telefon: +43-5-0556-300 Telefax: +43-5-0556-500 E-Mail: j...@anexia.at