Re: Validating possible BGP MITM attack

2017-08-31 Thread Andy Litzinger
FYI - I did get a response back from BGPMon- they concur with Job: "Hi Andy, unfortunately we had a peer sending us polluted BGP views. Most likely using a BGP optimizer that is making up new paths. We've reached out to 131477 and dropped the session with them. This was most likely 131477 maki

Re: Validating possible BGP MITM attack

2017-08-31 Thread Andy Litzinger
Hi Steve and Job, Same here- I didn't actually see my prefixes leaked anywhere I could check, but I couldn't check near China where BGPmon's probe was complaining. So I was glad it didn't seem to be spreading, but still concerned that there may have been a large area (China) where my traffic wa

Re: Validating possible BGP MITM attack

2017-08-31 Thread Christopher Morrow
On Thu, Aug 31, 2017 at 1:23 PM, Steve Feldman wrote: > Interesting. We also got similar BGPMon alerts about disaggregated > portions of a couple of our prefixes. I didn't see any of the bad prefixes in > route-views, though. > > The AS paths in the alerts started with "131477 38478 ..." and looke

Re: Validating possible BGP MITM attack

2017-08-31 Thread Steve Feldman
Interesting. We also got similar BGPMon alerts about disaggregated portions of a couple of our prefixes. I didn't see any of the bad prefixes in route-views, though. The AS paths in the alerts started with "131477 38478 ..." and looked valid after that. Job's suggestion would explain that.

Re: Validating possible BGP MITM attack

2017-08-31 Thread Job Snijders
Hi Andy, It smells like someone in 38478 or 131477 is using Noction or some other BGP "optimizer" that injects hijacks for the purpose of traffic engineering. :-( Kind regards, Job On Thu, 31 Aug 2017 at 19:38, Andy Litzinger wrote: > Hello, > we use BGPMon.net to monitor our BGP announcemen
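The pattern the thread describes (more-specifics of your own prefixes appearing with a path that "looks valid after" an unexpected leading AS pair, as a BGP optimizer injecting routes for traffic engineering would produce) can be checked for offline against a route dump. The script below is an added example, not code from this thread, from BGPMon or from any of the posters; the prefixes and origin ASNs (64500, 64510, 64511, 64512, 64513, 203.0.113.0/24, 198.51.100.0/23, 192.0.2.0/24) are constructed sample data, and only the AS pair 131477 38478 comes from the alerts quoted above. It flags any route that is a more-specific of an announced aggregate but was not originated as such, extracts the leading AS sequence common to all flagged paths, and runs a minimal RFC 6811 origin-validation check to show the caveat that matters here: a more-specific ending in your own origin AS passes an origin-only check and is only caught when your ROA's maxLength is no longer than the prefix you actually announce.

```python
import ipaddress

# Constructed sample data (hypothetical): what we announce and the ROAs we would publish.
# maxLength equal to the announced length makes any more-specific RPKI-invalid,
# even when the injected route keeps our origin AS at the end of the path.
OUR_ANNOUNCEMENTS = {"203.0.113.0/24", "198.51.100.0/23"}
OUR_ROAS = [("203.0.113.0/24", 24, 64500), ("198.51.100.0/23", 23, 64500)]

# Constructed sample routes as (prefix, AS path) in collector order: the leftmost AS is the
# collector's peer, the rightmost is the origin. Only 131477 38478 is taken from the thread.
SAMPLE_ROUTES = [
    ("203.0.113.0/24", [64510, 64500]),                       # our aggregate, expected
    ("198.51.100.0/23", [64511, 64510, 64500]),               # our aggregate, expected
    ("203.0.113.0/25", [131477, 38478, 64510, 64500]),        # injected more-specific
    ("203.0.113.128/25", [131477, 38478, 64510, 64500]),      # injected more-specific
    ("198.51.100.0/24", [131477, 38478, 64511, 64510, 64500]),  # injected more-specific
    ("192.0.2.0/24", [64512, 64513]),                         # unrelated prefix
]


def rpki_state(prefix, origin_as, roas):
    """Minimal RFC 6811 origin validation: returns 'valid', 'invalid' or 'notfound'."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, maxlen, asn in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        if net.version != roa_net.version or not net.subnet_of(roa_net):
            continue
        covered = True
        if asn == origin_as and net.prefixlen <= maxlen:
            return "valid"
    return "invalid" if covered else "notfound"


def find_disaggregation(routes, announcements, roas):
    """Flag routes that are more-specifics of our announcements that we never originated."""
    ours = [ipaddress.ip_network(p) for p in announcements]
    flagged = []
    for prefix, as_path in routes:
        net = ipaddress.ip_network(prefix)
        parent = next((p for p in ours if net.version == p.version and net.subnet_of(p)), None)
        if parent is None or net == parent:
            continue  # not our space, or exactly the aggregate we announce
        origin = as_path[-1]
        flagged.append({
            "prefix": prefix,
            "parent": str(parent),
            "as_path": as_path,
            "origin": origin,
            "rpki": rpki_state(prefix, origin, roas),
        })
    return flagged


def common_leading_ases(flagged):
    """Longest AS sequence every flagged path starts with.

    The leftmost AS is the collector's peer, so the injector is in or behind this
    sequence; it is the set of networks to contact, not proof of who injected.
    """
    paths = [f["as_path"] for f in flagged]
    if not paths:
        return []
    common = []
    for ases in zip(*paths):
        if len(set(ases)) != 1:
            break
        common.append(ases[0])
    return common


if __name__ == "__main__":
    hits = find_disaggregation(SAMPLE_ROUTES, OUR_ANNOUNCEMENTS, OUR_ROAS)
    for h in hits:
        print(f"{h['prefix']:<18} more-specific of {h['parent']:<17} "
              f"origin AS{h['origin']} rpki={h['rpki']} path={h['as_path']}")
    print("common leading ASes:", common_leading_ases(hits))
```

Run against a real dump, the input would be the prefix/AS-path pairs from a route collector (route-views, RIPE RIS) or from a BGPMon-style alert feed rather than the constructed list. The point of the `rpki` column is that every flagged route still ends in our own origin AS, so an origin-only "is this my ASN?" check would pass them; they are marked invalid solely because the ROAs' maxLength is tight.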