Christopher, On Nov 6, 2012, at 8:01 PM, Christopher Morrow wrote:
> On Tue, Nov 6, 2012 at 1:45 PM, Dan York <[email protected]> wrote: >> >> Here, in one easy-to-read article, is a great example of why we need RPKI >> and/or other "secure routing" technologies that verify the origins of route >> announcements: >> > > origin here doesn't seem to actually be bad. > path here seems to be unchanged from a possible path. > probably moratel shouldn't have tried to send all of their routes to > the rest of the world? > maybe the provider to moratel could have filter 'not moratel' routes? > (or filtered any of their routes... just like they didn't for > pktelecom in 07). Yes, someone else pointed out to me that this looks to be more of a standard "route leakage" that RPI / BGPSEC / etc. would have really done nothing to prevent. > >> http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about >> >> Note: SIDR got a nice callout in the commentary on Hacker News: >> http://news.ycombinator.com/item?id=4747910 (the exact SIDR reference is >> here: http://news.ycombinator.com/item?id=4748108 ) > > yes, nice... sadly I'm not sure that sidr's work would have helped > here (aside from the possible early deployment steps of 'make > prefix-lists from rpki informed data from IRRs' ... of course, if you > can't be bothered to make prefix-filters to day :( Agreed, sadly... but the good news is that this whole thing did get more people thinking about the underlying router infrastructure. So if it gets some people to wake up and pay more attention, I think that's a good thing. Thanks, Dan -- Dan York [email protected] http://www.danyork.me/ skype:danyork Phone: +1-802-735-1624 Twitter - http://twitter.com/danyork
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
