[nsp-sec] contact at AS1239 needed, need to nuke 80.81.192.0/23 prefix
Gert Doering
gert at greenie.muc.de
Sat Aug 13 14:54:17 EDT 2011
Hi,
is there a contact at 1239 around that can help nuke a rogue prefix
leaked by 4766?
route-views>sh ip b 80.81.192.0/23
BGP routing table entry for 80.81.192.0/23, version 4108794431
Paths: (27 available, best #9, table Default-IP-Routing-Table)
Not advertised to any peer
3277 3267 174 1239 4766 4766 4766 4766 4766
194.85.102.33 from 194.85.102.33 (194.85.4.4)
Origin IGP, localpref 100, valid, external
Community: 3277:3267 3277:65100 3277:65320 3277:65326 3277:65330
this is *half* the exchange point prefix of DECIX in Frankfurt, and
is leaked by Korea Telekom. The only transit visible is 1239.
This is hurting a lot, because a number of ISPs at DECIX both lack
proper ingress filters and accept this prefix from their upstreams, and
also lack proper "no proxy-arp" configs at their IXP ports, so BGP
at DECIX is massively impacted right now.
This would be very much appreciated.
(If you need to convince yourself that this request is legit, feel free
to verify the route objects for the /23 and /22 in the RIPE IRR DB)
thanks,
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20110813/464aee43/attachment-0001.sig>
More information about the nsp-security
mailing list