[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Prefix hijacking, how to prevent and fix currently

Subject: Prefix hijacking, how to prevent and fix currently
From: saku at ytti.fi (Saku Ytti)
Date: Fri, 29 Aug 2014 11:55:11 +0300
In-reply-to: <[email protected]>
References: <CAAjbWEr_o+yQY1T72JMvJ_Nw2Eu2L7=TzZ0dc33mhodo5JB=yw@mail.gmail.com> <[email protected]>

On (2014-08-29 03:24 +0000), Fred Baker (fred) wrote:

> Do you implement RPKI? Are providers that neighbor with them implementing RPKI?

I feel RPKI would be much more marketable if vendors would implement 'loose'
mode.
Loose mode would drop failing routes, iff there is covering (i.e. less
specific is ok) route already in RIB.
This mode would protect from routed hijacks, but not from non-routed hijacks,
which are less serious. And it would completely remove false-positive
blackholing.

There is very small incentive for SP to deploy RPKI, since user-error in
far-end, would make my product look worse than competitors product. I'm
spending money to lose money.

-- 
  ++ytti

Follow-Ups:
- Prefix hijacking, how to prevent and fix currently
  - From: randy at psg.com (Randy Bush)

References:
- Prefix hijacking, how to prevent and fix currently
  - From: lists at tarundua.net (Tarun Dua)
- Prefix hijacking, how to prevent and fix currently
  - From: fred at cisco.com (Fred Baker (fred))

Prev by Date: JANOG 34 Meeting Report
Next by Date: Prefix hijacking, how to prevent and fix currently
Previous by thread: Prefix hijacking, how to prevent and fix currently
Next by thread: Prefix hijacking, how to prevent and fix currently
Index(es):
- Date
- Thread