[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CloudFlare issues?

Subject: CloudFlare issues?
From: hugge at nordu.net (Fredrik Korsbäck)
Date: Mon, 24 Jun 2019 22:10:54 +0200
In-reply-to: <[email protected]>
References: <B646241725B36940945DFA68339668E93ADA00A0@exchange.exchange.interhost.co.il> <[email protected]> <CAPs-5xX-4-pizg1G5dp7r9XcRuQpXhGNBODsr1AELLt3z9_Csw@mail.gmail.com> <CAM3TTh2H+_nuGkV4v5ts6gdPMz-zsHzz08OODSuHXMfgfEK_FQ@mail.gmail.com> <CAPs-5xWJgECLc+KNEk+6=HVx=RUS46rDh46yt_jfWO7K0cK2jQ@mail.gmail.com> <CAL89SgJeJdZx4HZJSuqGh9kjK27a++nSBAf8ZsADSgPG0C2wAQ@mail.gmail.com> <[email protected]> <[email protected]>

On 2019-06-24 20:16, Mark Tinka wrote:
> 
> 
> On 24/Jun/19 16:11, Job Snijders wrote:
> 
>>
>>     - deploy RPKI based BGP Origin validation (with invalid == reject)
>>     - apply maximum prefix limits on all EBGP sessions
>>     - ask your router vendor to comply with RFC 8212 ('default deny')
>>     - turn off your 'BGP optimizers'
> 
> I cannot over-emphasize the above, especially the BGP optimizers.
> 
> Mark.
> 

+1

https://honestnetworker.net/2019/06/24/leaking-your-optimized-routes-to-stub-networks-that-then-leak-it-to-a-tier1-transit-that-doesnt-filter/



-- 
hugge

References:
- CloudFlare issues?
  - From: dmitry at interhost.net (Dmitry Sherman)
- CloudFlare issues?
  - From: daknob.mac at gmail.com (Antonios Chariton)
- CloudFlare issues?
  - From: me at robbiet.us (Robbie Trencheny)
- CloudFlare issues?
  - From: dovid at telecurve.com (Dovid Bender)
- CloudFlare issues?
  - From: me at robbiet.us (Robbie Trencheny)
- CloudFlare issues?
  - From: tom at cloudflare.com (Tom Paseka)
- CloudFlare issues?
  - From: job at instituut.net (Job Snijders)
- CloudFlare issues?
  - From: mark.tinka at seacom.mu (Mark Tinka)

Prev by Date: Cost effective time servers
Next by Date: How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today
Previous by thread: CloudFlare issues?
Next by thread: CloudFlare issues?
Index(es):
- Date
- Thread