[lacnog] IP Squatting en la region?

Doug Madory dmadory en renesys.com
Vie Feb 6 20:42:49 BRST 2015


> I do not find a relationship between this incident and prefix hijacking,
> which is the center of your blog post.

The blog post discusses IP squatting and that was the original question (and the subject of this thread). So that is the connection.

> Now, I do not follow your conclusion. Seams to me that all the incidents
> that you detected but incident number 5 could be detected and removed by
> implementing RPKI and BGP origin validation, without the need for BGPSEC.
> RPKI and origin validation is available today to be implemented.
> Particularly, the LACNIC region has already 26% adoption of RPKI objects
> (and growing). Unfortunately, I did not find any reference to RPKI and
> origin validaiton in your blogpost.

That's true I didn't mention those techniques to prevent these incidents. That's not the same as saying they wouldn't prevent them if everyone filtered bogus announcements based on RPKI or origin validation.

What is interesting to consider is that for nearly all of these incidents, we're seeing 100% of our 400+ peers accept these bogus routes. While we don't peer with every single AS on the Internet, I have yet to encounter evidence that things like RPKI or origin validation are making any measurable difference. 

If those techniques were widely used, I would expect to see a percentage less than 100% carrying the bogus routes.


------------ próxima parte ------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20150206/df40d226/attachment.sig>


Más información sobre la lista de distribución LACNOG