[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
We hit half-million: The Cidr Report
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Le 29/04/2014 04:39, Valdis.Kletnieks at vt.edu a écrit :
> Do we have a handle on what percent of the de-aggrs are legitimate
> attempts at TE, and what percent are just whoopsies that should be
> re-aggregated?
Deaggs can "legitimatelly" occur for a different purpose : hijack
prevention (Pilosov & Kapela style).
It's fairly easy to punch a hole in a larger prefix, but winning the
reachability race while unable to propagate a more specific prefix
significantly increase hijacking costs.
For a less densely connected network (no presence on public IXPs, poor
transits...), renumbering critical services (DNS, MX, extranets) to
one of their /24s and de-aggregating it could be a smart move.
- --
Jérôme Nicolle
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlNg94YACgkQbt+nwQamihvv6wCdFS6gqfUJwD0m/OelYdWjCZui
S9cAnAkxlWyM4/JJmTPKxPWKYRXbz/c0
=vuYo
-----END PGP SIGNATURE-----