Re: Do people even read these? Re: BGP Update Report

> On 19 Jun 2016, at 6:05 AM, Mikael Abrahamsson wrote: > > On Fri, 17 Jun 2016, cidr-rep...@potaroo.net wrote: > >> >> TOP 20 Unstable Prefixes >> Rank Prefix Upds % Origin AS -- AS Name >> 1 - 202.65.32.0/2128086 0.8% AS10131 -- CKTELECOM-CK-AP

Re: Do people even read these? Re: BGP Update Report

You did. -- "Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid." --Albert Einstein From Larry's Cox account.

Do people even read these? Re: BGP Update Report

On Fri, 17 Jun 2016, cidr-rep...@potaroo.net wrote: TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 202.65.32.0/2128086 0.8% AS10131 -- CKTELECOM-CK-AP Telecom Cook Islands, CK 2 - 110.170.17.0/24 21868 0.7% AS134438 -- AIRAAIFUL-AS-AP Aira &

Re: BGP Update Report

On 7/25/2015 08:26, Max Tulyev wrote: Unassigned ASN is used and even is in top of the list? WTF?! On 25.07.15 01:00, cidr-rep...@potaroo.net wrote: Rank ASNUpds % Upds/PfxAS-Name 2 - AS22059 140461 3.6% 70230.5 -- -Reserved AS-,ZZ It appears it

Re: BGP Update Report

Unassigned ASN is used and even is in top of the list? WTF?! On 25.07.15 01:00, cidr-rep...@potaroo.net wrote: Rank ASNUpds % Upds/PfxAS-Name 2 - AS22059 140461 3.6% 70230.5 -- -Reserved AS-,ZZ

Low-numbered ASes being hijacked? [Re: BGP Update Report]

cidr-report writes: BGP Update Report Interval: 20-Nov-14 -to- 27-Nov-14 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name [...] 11 - AS5 38861 0.6% 7.0 -- SYMBOLICS - Symbolics,

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

Simon == Simon Leinen simon.lei...@switch.ch writes: Simon Some suspicious paths I'm seeing right now: Simon 133439 5 Simon 197945 4 my bet is on someone using the syntax prepend asnX timesY on a router that instead wants prepend asnX asnX -- Pierfrancesco Caci, ik5pvx

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

Do these people never check what exactly they end up originating outbound due to a config change, if that's really the case? On 11/30/2014 午後 11:24, Pierfrancesco Caci wrote: Simon == Simon Leinen simon.lei...@switch.ch writes: Simon Some suspicious paths I'm seeing right now:

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

I'm currently looking into AS3 in an attempt to figure out what's going on. Always interested to hear what others have found out. Cheers, Harry On Nov 30, 2014 8:57 AM, Simon Leinen simon.lei...@switch.ch wrote: cidr-report  writes: BGP Update Report Interval: 20-Nov-14 -to- 27-Nov-14

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

On Mon, 01 Dec 2014 00:53:07 +0900, Paul S. said: Do these people never check what exactly they end up originating outbound due to a config change, if that's really the case? You're new here, aren't you? :) pgpeSOBr2fqm8.pgp Description: PGP signature

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

On Mon, Dec 01, 2014 at 12:53:07AM +0900, Paul S. wrote: Do these people never check what exactly they end up originating outbound due to a config change, if that's really the case? Of course not because their neighbors are allowing it to pass; so as with all hijacks, deaggregation, and other

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

On 11/30/2014 11:26 AM, valdis.kletni...@vt.edu wrote: On Mon, 01 Dec 2014 00:53:07 +0900, Paul S. said: Do these people never check what exactly they end up originating outbound due to a config change, if that's really the case? You're new here, aren't you? :) Thank you, I needed the

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

.-- My secret spy satellite informs me that at 2014-11-30 6:24 AM Pierfrancesco Caci wrote: Simon == Simon Leinen simon.lei...@switch.ch writes: Simon Some suspicious paths I'm seeing right now: Simon 133439 5 Simon 197945 4 my bet is on someone using the syntax prepend

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

- Original Message - From: Joe Provo nanog-p...@rsuc.gweep.net On Mon, Dec 01, 2014 at 12:53:07AM +0900, Paul S. wrote: Do these people never check what exactly they end up originating outbound due to a config change, if that's really the case? Of course not because their

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

I’m not new here but the thread caught my eye, as I am one of the lower ASs being mentioned. I guess there isn’t really anything one can do to prevent these things other than listening to route servers, etc. I guess it’s all on what the upstream decides to allow-in and re-advertise. Jason

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

- Original Message - Do these people never check what exactly they end up originating outbound due to a config change, if that's really the case? Of course not because their neighbors are allowing it to pass; so as with all hijacks, deaggregation, and other unfiltered noise, the

Re: BGP Update Report

It's not just AS_PATH, a lot of the reason so many duplicate updates occur (nearly 50% of all updates at times, and often more during the busiest times) is because on the other end implementations don't keep egress advertisement state per attribute (e.g., if cluster_list length just triggered

Re: BGP Update Report

On Mar 30, 2010, at 9:30 PM, Randy Bush wrote: might some of this be that the implementations use router-id to fill in an unconfigured rr cluster-id? Yep! So intermediate nodes in an iBGP topology with varying cluster IDs per RR with a common client set can certainly result in duplicate

Re: BGP Update Report

On Sun, Mar 28, 2010 at 01:20:04AM -0400, Anton Kapela wrote: So, this week, I actually read the update report. Noting the stats below (..a flap/update once per minute? please, fix your CPE router), I have but one humble request: Could the settlement-free members of the DFZ please consider

Re: BGP Update Report

Joe, The problem is that unless one is holding customer routes in a seperate VRF and dampen them there or take similar steps to segment, dampening leads directly to blackholes. Even in that case, failover within that VRF wouldn't work, as all implementations I've seen attack the prefix

Re: BGP Update Report

I'm guessing that the top 20 unstable ASes are Korean or Asian is related to the cable cuts in Asia? cidr-rep...@potaroo.net wrote: BGP Update Report Interval: 13-Aug-09 -to- 20-Aug-09 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds

Re: BGP Update Report

It's nice to give Kazakhstan a break for a week or so. :p On Sat, Aug 22, 2009 at 12:56 AM, Matthew Moyle-Croft m...@internode.com.auwrote: I'm guessing that the top 20 unstable ASes are Korean or Asian is related to the cable cuts in Asia? cidr-rep...@potaroo.net wrote: BGP Update Report