Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs
Misused Top ASNs
Analysis of AS1, AS2 and AS3 misuse!
Officially allocated to...
AS 1 - Level3 Communications
AS 2 - University of Delaware
AS 3 - MIT
How are they “leaked”?
Reasons for leak...
● “Copy-paste” of sample prepend configuration “1 2 3”
● Mistakenly typing “1 2 or 3” in prepend rules in route filter / export policy statement
Impact of leak
Hard to determine statistically but ...
● Shows an unexpected relationship between the leaking AS and the top ASN, and among the top ASNs!
● Considered to be an “AS hijack” and bad for trust-based BGP routing
● Can result in the (wrongly prepended) announcement getting filtered across parts of the Internet
● Chance of broken connectivity for these routes with the top ASNs' networks due to BGP loop prevention
AS1 Graph V4
AS1 Peer V4
Hunting for leakers...
● Analysis of routing tables from multiple RIPE RIS collectors
● Analysis from 2010 to 2015
● Looking for cases where top ASNs appear in the AS_PATH for routes which belong to other ASNs
● Focus on top ASNs appearing with prepends in the routing table
● Assumption that, except for AS1, the other two top ASNs aren’t transit providers (since they belong to universities)
● Leaks which appeared for less than 24 hrs are not collected
Distribution of appearance
Distribution of leaks (IPv4 Vs IPv6)
Some of those who leaked AS1...
AS Number   Start Date    End Date      Visibility in days
5927        22-Jul-2011   3-Dec-2011    134
7046        9-May-2010    11-Jun-2010   33
14758       25-Apr-2013   20-Jun-2013   56
21011       28-Jan-2013   5-Feb-2013    8
21219       28-Jan-2013   5-Feb-2013    8
26114       11-Jun-2013   22-Jul-2015   771
35819       23-Nov-2014   26-Nov-2014   3
40807       7-Jan-2010    24-Apr-2010   107
45899       1-Dec-2014    17-Apr-2015   137
49994       26-Nov-2013   29-Nov-2013   3
50113       31-May-2013   8-Jun-2013    8
51282       3-Nov-2010    19-Nov-2010   16
52931       3-Nov-2010    19-Nov-2010   16
55836       24-Nov-2014   26-Nov-2014   2
Some of those who leaked AS2...
AS Number   Start Date    End Date      Visibility in days
12989       14-Oct-2014   26-Oct-2014   12
131211      19-May-2015   22-Jul-2015   64
131713      20-Apr-2015   4-Jun-2015    45
133219      6-Jul-2015    22-Jul-2015   16
17483       30-Jun-2010   7-Jul-2010    7
17658       7-Feb-2014    18-May-2015   465
197706      22-Sep-2011   25-Oct-2011   33
197790      7-Apr-2014    3-Jun-2014    57
197798      18-Jul-2013   26-Aug-2013   39
198040      2-Jan-2015    2-Feb-2015    31
23951       1-Feb-2011    23-Apr-2011   81
262587      29-May-2013   7-Jun-2013    9
262878      20-Aug-2011   25-Aug-2011   5
263042      17-Jul-2013   23-Aug-2013   37
Some of those who leaked AS3...
AS Number   Start Date    End Date      Visibility in days
9121        2-Mar-2010    10-Apr-2010   39
21385       28-Feb-2011   2-Mar-2011    2
24523       25-Nov-2011   16-Dec-2011   21
24953       5-Jul-2013    31-Jul-2013   26
25933       26-Jun-2015   29-Jun-2015   3
27969       15-Sep-2013   6-Feb-2015    509
33849       28-Jun-2010   3-Aug-2010    36
35631       2-Apr-2015    9-Apr-2015    7
37162       16-Jul-2014   8-Nov-2014    115
37371       29-Jan-2013   11-Apr-2014   437
38077       17-May-2010   25-May-2010   8
38761       22-Sep-2010   22-Oct-2010   30
41599       7-Jan-2010    30-Mar-2010   82
51002       27-Jul-2010   29-Jul-2010   2
53053       15-Apr-2015   27-May-2015   42
Route leak visibility (in days)
Longest leak
1445 days (~3.9 years) for AS1 by AS23383
Sample AS_PATHs
186.65.112.0/20,30132 6939 23520 23383 1 65430
186.65.112.0/20,8283 5580 23520 23383 1
190.185.108.0/22,30132 6939 23520 23383 1 65430
190.185.108.0/22,8283 5580 23520 23383 1
Most amusing AS_PATH ever!
31019 39326 39326 3356 7029 1614 1614 1614 1614 1 2 3 4 5
TABLE_DUMP_V2|02/02/14 00:00:01|A|195.69.146.99|50763|74.122.136.0/24|50763 8943 3549 7029 1614 1614 1614 1614 1 2 3 4 5|IGP
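The hunt described under “Hunting for leakers”, as an added example (not the author's analysis code): it parses the two line formats shown on these slides, collapses prepends, and names the ASN immediately to the left of the first top ASN as the candidate leaker. The function names, the signal labels and the last sample line are assumptions of this example; a candidate is a lead to verify, since AS1 can legitimately carry transit.

```python
"""Flag AS paths in which AS1, AS2 or AS3 shows up behind another network."""
from collections import defaultdict

TOP_ASNS = {1, 2, 3}
NON_TRANSIT = {2, 3}                   # slide assumption: university ASNs sell no transit
PRIVATE_16BIT = range(64512, 65535)    # private-use 16-bit ASNs

# First five lines are copied from the slides; the last line is constructed
# (a correct prepend of the origin's own ASN, using documentation ASNs).
SAMPLE = """\
186.65.112.0/20,30132 6939 23520 23383 1 65430
186.65.112.0/20,8283 5580 23520 23383 1
190.185.108.0/22,30132 6939 23520 23383 1 65430
190.185.108.0/22,8283 5580 23520 23383 1
TABLE_DUMP_V2|02/02/14 00:00:01|A|195.69.146.99|50763|74.122.136.0/24|50763 8943 3549 7029 1614 1614 1614 1614 1 2 3 4 5|IGP
192.0.2.0/24,64496 64497 64497 64497
"""


def parse_line(line):
    """Return (prefix, [asn, ...]) from 'prefix,path' or a pipe-delimited dump line."""
    line = line.strip()
    if line.startswith("TABLE_DUMP"):
        fields = line.split("|")
        prefix, path = fields[5], fields[6]   # type|time|flag|peer_ip|peer_as|prefix|path|...
    else:
        prefix, path = line.split(",", 1)
    # Keep plain ASNs only; AS_SET tokens such as "{1,2}" are skipped.
    return prefix, [int(tok) for tok in path.split() if tok.isdigit()]


def analyse(asns):
    """Return a finding dict if a top ASN sits behind another ASN, else None."""
    # Collapse prepends so "1614 1614 1614 1614" counts as one hop.
    path = [a for i, a in enumerate(asns) if i == 0 or a != asns[i - 1]]
    for i, asn in enumerate(path):
        if asn in TOP_ASNS and i > 0 and path[i - 1] not in TOP_ASNS:
            tail = path[i:]
            signals = []
            if any(a in PRIVATE_16BIT for a in tail):
                signals.append("private ASN in tail")
            if any(b == a + 1 for a, b in zip(tail, tail[1:])):
                signals.append("sequential ASNs in tail")
            if any(a in NON_TRANSIT for a in tail[:-1]):
                signals.append("non-transit top ASN used as transit")
            return {"leaker": path[i - 1], "top_asn": asn,
                    "tail": tail, "signals": signals}
    return None


def summarise(lines):
    """Map each candidate leaker ASN to the sorted prefixes it was seen on."""
    seen = defaultdict(set)
    for line in lines:
        if not line.strip():
            continue
        prefix, asns = parse_line(line)
        finding = analyse(asns)
        if finding:
            seen[finding["leaker"]].add(prefix)
    return {leaker: sorted(prefixes) for leaker, prefixes in seen.items()}


if __name__ == "__main__":
    for leaker, prefixes in summarise(SAMPLE.splitlines()).items():
        print(f"AS{leaker}: {', '.join(prefixes)}")
```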
Preventing such leaks
● If prepending is needed, prepend correctly, i.e. by repeating your own ASN multiple times
● Avoid typing ASNs by hand in config and prefer to copy-paste (helps for long ASNs)
● Consult your router vendor's documentation on how to prepend
Prepend Sample Config - Cisco IPv4
Create a route-map to be applied in the OUT direction to a specific peer:
route-map NetworkA-OUT permit 10
 ! Important: prepend your own ASN. Don’t use any other random number here!
 set as-path prepend 64520 64520
Call the route-map in the OUT direction on the BGP session for IPv4:
router bgp 64520
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.1.2 remote-as 64521
 neighbor 192.168.1.2 route-map NetworkA-OUT out
 neighbor 192.168.1.2 route-map NetworkA-IN in
 no auto-summary
Prepend Sample Config - Cisco IPv6
Create a route-map to be applied in the OUT direction to a specific peer:
route-map NetworkA-OUT permit 10
 ! Important: prepend your own ASN. Don’t use any other random number here!
 set as-path prepend 64520 64520
Call the route-map in the OUT direction on the BGP session for IPv6:
!
router bgp 64520
 ! The neighbor must be defined with remote-as before it can be activated
 ! (same peer AS as in the IPv4 sample).
 neighbor 2001:DB8:1:1::2 remote-as 64521
 address-family ipv6
  neighbor 2001:DB8:1:1::2 activate
  neighbor 2001:DB8:1:1::2 route-map NetworkA-OUT out
  network 2001:DB8:2::/48
 exit-address-family
!
Prepend Sample Config - JunOS
Create an export policy to be applied to the peer. Important: prepend your own ASN. Don’t use any other random number here!
edit policy-options policy-statement Network-A-Out
set term a from prefix-list Pool-set1
set term a then as-path-prepend "64520 64520"
Apply the export policy to the BGP session:
top
set protocols bgp group transits neighbor 192.168.1.2 export Network-A-Out
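A pre-deployment check for the rule above (prepend only your own ASN), given as an added example that is not part of the original slides: it reads Cisco IOS or Junos set-style configuration text, finds the local ASN, and reports every prepend statement that contains a foreign ASN. The function names and the two "bad" sample configs are constructed for this example; the "ok" sample follows the slides' Cisco IPv4 config.

```python
"""Lint router config text: a prepend statement may only repeat the local ASN."""
import re
from itertools import takewhile

# Local ASN: "router bgp N" (Cisco IOS) or
# "set routing-options autonomous-system N" (Junos set-style).
LOCAL_AS_RE = re.compile(
    r"^\s*(?:router bgp|set routing-options autonomous-system)\s+(\d+)", re.M)
# Matches "set as-path prepend ..." (Cisco) and "as-path-prepend ..." (Junos).
PREPEND_RE = re.compile(r"\bas-path[- ]prepend\s+(.+)$")

CISCO_OK = """route-map NetworkA-OUT permit 10
 set as-path prepend 64520 64520
router bgp 64520
 neighbor 192.168.1.2 remote-as 64521
 neighbor 192.168.1.2 route-map NetworkA-OUT out
"""

# Constructed: the copy-pasted "1 2 3" sample the slides warn about.
CISCO_BAD = CISCO_OK.replace("prepend 64520 64520", "prepend 1 2 3")

# Constructed: own ASN twice, then a stray "3" typed by hand.
JUNOS_BAD = """set routing-options autonomous-system 64520
set policy-options policy-statement Network-A-Out term a from prefix-list Pool-set1
set policy-options policy-statement Network-A-Out term a then as-path-prepend "64520 64520 3"
set protocols bgp group transits neighbor 192.168.1.2 export Network-A-Out
"""


def find_local_asn(config):
    """Return the local ASN declared in the config, or None if absent."""
    match = LOCAL_AS_RE.search(config)
    return int(match.group(1)) if match else None


def lint_prepends(config, local_asn=None):
    """Return [(line_no, line, [foreign ASNs])] for every bad prepend."""
    local = local_asn if local_asn is not None else find_local_asn(config)
    if local is None:
        raise ValueError("local ASN not found; pass local_asn explicitly")
    findings = []
    # Two passes on purpose: the route-map may precede "router bgp".
    for line_no, line in enumerate(config.splitlines(), start=1):
        match = PREPEND_RE.search(line)
        if not match:
            continue
        tokens = re.sub(r'["“”]', " ", match.group(1)).split()
        if tokens and tokens[0] == "last-as":
            continue  # Cisco "prepend last-as N": N is a repeat count, not an ASN
        # Stop at the first non-numeric token (trailing comment or annotation).
        asns = [int(tok) for tok in takewhile(str.isdigit, tokens)]
        foreign = [asn for asn in asns if asn != local]
        if foreign:
            findings.append((line_no, line.strip(), foreign))
    return findings


if __name__ == "__main__":
    for name, cfg in (("cisco-ok", CISCO_OK), ("cisco-bad", CISCO_BAD),
                      ("junos-bad", JUNOS_BAD)):
        for line_no, line, foreign in lint_prepends(cfg):
            print(f"{name}:{line_no}: foreign ASN(s) {foreign} in: {line}")
```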
Thank you!
Questions?
Peering?
anurag@he.net
http://he.net
http://as6939.peeringdb.com

Mais conteúdo relacionado

Semelhante a Misused top ASNs

Misused Top ASNs
Misused Top ASNsMisused Top ASNs
Misused Top ASNsAPNIC
 
BGP Routing Table Report
BGP Routing Table ReportBGP Routing Table Report
BGP Routing Table ReportAPNIC
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricBangladesh Network Operators Group
 
IPv6 Performance
IPv6 PerformanceIPv6 Performance
IPv6 PerformanceAPNIC
 
Raytheon University Programs Open Job List- October 2018
Raytheon University Programs Open Job List- October 2018Raytheon University Programs Open Job List- October 2018
Raytheon University Programs Open Job List- October 2018Toni Havlik
 
APNIC Updates by Anna Mulingbayan
APNIC Updates by Anna MulingbayanAPNIC Updates by Anna Mulingbayan
APNIC Updates by Anna MulingbayanMyNOG
 
Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2
Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2
Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2Arun Bharadwaj
 
Raytheon University Programs Open Job List- November 2019
Raytheon University Programs Open Job List- November 2019Raytheon University Programs Open Job List- November 2019
Raytheon University Programs Open Job List- November 2019Toni Havlik
 
SGNOG2 - APNIC Updates
SGNOG2 - APNIC UpdatesSGNOG2 - APNIC Updates
SGNOG2 - APNIC UpdatesAPNIC
 
Raytheon University Openings - December 2019
Raytheon University Openings - December 2019Raytheon University Openings - December 2019
Raytheon University Openings - December 2019Toni Havlik
 
AP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurements
AP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurementsAP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurements
AP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurementsAPNIC
 
ACL London User Group - Question Box Session
ACL London User Group - Question Box SessionACL London User Group - Question Box Session
ACL London User Group - Question Box SessionAlex Psarras
 
Vardah and Routing Aftermath
Vardah and Routing AftermathVardah and Routing Aftermath
Vardah and Routing AftermathAPNIC
 
Raytheon University Programs Open Job List- November 2018
Raytheon University Programs Open Job List-  November 2018Raytheon University Programs Open Job List-  November 2018
Raytheon University Programs Open Job List- November 2018Toni Havlik
 
Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...
Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...
Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...MDC_UNICA
 
ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)
ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)
ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)Santhosh Kumar
 

Semelhante a Misused top ASNs (19)

Misused top ASNs
Misused top ASNsMisused top ASNs
Misused top ASNs
 
Misused Top ASNs
Misused Top ASNsMisused Top ASNs
Misused Top ASNs
 
Routing diff
Routing diffRouting diff
Routing diff
 
BGP Routing Table Report
BGP Routing Table ReportBGP Routing Table Report
BGP Routing Table Report
 
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane ElectricLet's talk about routing security, Anurag Bhatia, Hurricane Electric
Let's talk about routing security, Anurag Bhatia, Hurricane Electric
 
IPv6 Performance
IPv6 PerformanceIPv6 Performance
IPv6 Performance
 
Raytheon University Programs Open Job List- October 2018
Raytheon University Programs Open Job List- October 2018Raytheon University Programs Open Job List- October 2018
Raytheon University Programs Open Job List- October 2018
 
APNIC Updates by Anna Mulingbayan
APNIC Updates by Anna MulingbayanAPNIC Updates by Anna Mulingbayan
APNIC Updates by Anna Mulingbayan
 
RPKI ROA updates
RPKI ROA updatesRPKI ROA updates
RPKI ROA updates
 
Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2
Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2
Harmal Field Development Phase 1 and Phase 2 Final-10.10.2013-R2
 
Raytheon University Programs Open Job List- November 2019
Raytheon University Programs Open Job List- November 2019Raytheon University Programs Open Job List- November 2019
Raytheon University Programs Open Job List- November 2019
 
SGNOG2 - APNIC Updates
SGNOG2 - APNIC UpdatesSGNOG2 - APNIC Updates
SGNOG2 - APNIC Updates
 
Raytheon University Openings - December 2019
Raytheon University Openings - December 2019Raytheon University Openings - December 2019
Raytheon University Openings - December 2019
 
AP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurements
AP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurementsAP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurements
AP IPv6 Taskforce Economies: IPv6 Capabilty from APNIC measurements
 
ACL London User Group - Question Box Session
ACL London User Group - Question Box SessionACL London User Group - Question Box Session
ACL London User Group - Question Box Session
 
Vardah and Routing Aftermath
Vardah and Routing AftermathVardah and Routing Aftermath
Vardah and Routing Aftermath
 
Raytheon University Programs Open Job List- November 2018
Raytheon University Programs Open Job List-  November 2018Raytheon University Programs Open Job List-  November 2018
Raytheon University Programs Open Job List- November 2018
 
Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...
Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...
Power-Awarness in Coarse-Grained Reconfigurable Designs: a Dataflow Based Str...
 
ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)
ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)
ANNA UNIVERSITY Nov-Dec-2016 Examination Time Table (R-2013)
 

Mais de APNIC

IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 
AFSIG 2023: APNIC - Registry & Development
AFSIG 2023: APNIC - Registry & DevelopmentAFSIG 2023: APNIC - Registry & Development
AFSIG 2023: APNIC - Registry & DevelopmentAPNIC
 
Afghanistan IGF 2023: The ABCs and importance of cybersecurity
Afghanistan IGF 2023: The ABCs and importance of cybersecurityAfghanistan IGF 2023: The ABCs and importance of cybersecurity
Afghanistan IGF 2023: The ABCs and importance of cybersecurityAPNIC
 
IDNIC OPM 2023: IPv6 deployment planning and security considerations
IDNIC OPM 2023: IPv6 deployment planning and security considerationsIDNIC OPM 2023: IPv6 deployment planning and security considerations
IDNIC OPM 2023: IPv6 deployment planning and security considerationsAPNIC
 
IDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry SystemIDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry SystemAPNIC
 

Mais de APNIC (20)

IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 
AFSIG 2023: APNIC - Registry & Development
AFSIG 2023: APNIC - Registry & DevelopmentAFSIG 2023: APNIC - Registry & Development
AFSIG 2023: APNIC - Registry & Development
 
Afghanistan IGF 2023: The ABCs and importance of cybersecurity
Afghanistan IGF 2023: The ABCs and importance of cybersecurityAfghanistan IGF 2023: The ABCs and importance of cybersecurity
Afghanistan IGF 2023: The ABCs and importance of cybersecurity
 
IDNIC OPM 2023: IPv6 deployment planning and security considerations
IDNIC OPM 2023: IPv6 deployment planning and security considerationsIDNIC OPM 2023: IPv6 deployment planning and security considerations
IDNIC OPM 2023: IPv6 deployment planning and security considerations
 
IDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry SystemIDNIC OPM 2023 - Internet Number Registry System
IDNIC OPM 2023 - Internet Number Registry System
 

Último

Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxBipin Adhikari
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 

Último (20)

Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptx
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 

Misused top ASNs

  • 1. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs Misused Top ASNs Analysis of AS1, AS2 and AS3 misuse!
  • 2. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs Officially allocated to... AS 1 - Level3 Communications AS 2 - University of Delaware AS 3 - MIT
  • 3. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs How they are “leaked” ?
  • 4. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs Reasons for leak... ● “Copy-paste” of sample prepend configuration “1 2 3” ● Mistakenly typing “1 2 or 3” in prepend rules in route filter / export policy statement
  • 5. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs Impact of leak Hard to determine statistically but ... ● Shows unexpected relationship of leaking AS with top ASN and among top ASNs! ● Considered to be “AS hijack” and bad for trust based BGP routing ● Can result in (a wrongly prepended) announcement getting filtered across parts of internet ● Chances of broken connectivity of these routes with top ASNs network due to BGP loop prevention
  • 6. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs AS1 Graph V4
  • 7. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs AS1 Peer V4
  • 8. Anurag Bhatia - Hurricane Electric - APRICOT 2016 - Auckland, NZ - Misused Top ASNs Hunting for leakers... ● Analysis of routing table from multiple RIPE RIS collectors ● Analysis from 2010 to 2015 ● Looking for cases where top ASNs appear in AS_PATH for routes which belong to other ASNs. ● Focus of top ASNs appearance with prepends in the routing table ● Assumption that except AS1, other two top ASNs aren’t transit provider (since belonging to University) ● Leaks which appeared for less then 24hrs are not collected
  • 9. Distribution of appearance
  • 10. Distribution of leaks (IPv4 vs IPv6)
  • 11. Some of those who leaked AS1...

       AS Number   Start Date     End Date       Visibility in days
       5927        22-Jul-2011    3-Dec-2011     134
       7046        9-May-2010     11-Jun-2010    33
       14758       25-Apr-2013    20-Jun-2013    56
       21011       28-Jan-2013    5-Feb-2013     8
       21219       28-Jan-2013    5-Feb-2013     8
       26114       11-Jun-2013    22-Jul-2015    771
       35819       23-Nov-2014    26-Nov-2014    3
       40807       7-Jan-2010     24-Apr-2010    107
       45899       1-Dec-2014     17-Apr-2015    137
       49994       26-Nov-2013    29-Nov-2013    3
       50113       31-May-2013    8-Jun-2013     8
       51282       3-Nov-2010     19-Nov-2010    16
       52931       3-Nov-2010     19-Nov-2010    16
       55836       24-Nov-2014    26-Nov-2014    2
  • 12. Some of those who leaked AS2...

       AS Number   Start Date     End Date       Visibility in days
       12989       14-Oct-2014    26-Oct-2014    12
       131211      19-May-2015    22-Jul-2015    64
       131713      20-Apr-2015    4-Jun-2015     45
       133219      6-Jul-2015     22-Jul-2015    16
       17483       30-Jun-2010    7-Jul-2010     7
       17658       7-Feb-2014     18-May-2015    465
       197706      22-Sep-2011    25-Oct-2011    33
       197790      7-Apr-2014     3-Jun-2014     57
       197798      18-Jul-2013    26-Aug-2013    39
       198040      2-Jan-2015     2-Feb-2015     31
       23951       1-Feb-2011     23-Apr-2011    81
       262587      29-May-2013    7-Jun-2013     9
       262878      20-Aug-2011    25-Aug-2011    5
       263042      17-Jul-2013    23-Aug-2013    37
  • 13. Some of those who leaked AS3...

       AS Number   Start Date     End Date       Visibility in days
       9121        2-Mar-2010     10-Apr-2010    39
       21385       28-Feb-2011    2-Mar-2011     2
       24523       25-Nov-2011    16-Dec-2011    21
       24953       5-Jul-2013     31-Jul-2013    26
       25933       26-Jun-2015    29-Jun-2015    3
       27969       15-Sep-2013    6-Feb-2015     509
       33849       28-Jun-2010    3-Aug-2010     36
       35631       2-Apr-2015     9-Apr-2015     7
       37162       16-Jul-2014    8-Nov-2014     115
       37371       29-Jan-2013    11-Apr-2014    437
       38077       17-May-2010    25-May-2010    8
       38761       22-Sep-2010    22-Oct-2010    30
       41599       7-Jan-2010     30-Mar-2010    82
       51002       27-Jul-2010    29-Jul-2010    2
       53053       15-Apr-2015    27-May-2015    42
  • 14. Route leak visibility (in days)
  • 15. Longest leak: 1445 days (~3.9 years) for AS1 by AS23383
       Sample AS_PATHs:

           186.65.112.0/20,30132 6939 23520 23383 1 65430
           186.65.112.0/20,8283 5580 23520 23383 1
           190.185.108.0/22,30132 6939 23520 23383 1 65430
           190.185.108.0/22,8283 5580 23520 23383 1
  • 16. Most amusing AS_PATH ever!

           31019 39326 39326 3356 7029 1614 1614 1614 1614 1 2 3 4 5

           TABLE_DUMP_V2|02/02/14 00:00:01|A|195.69.146.99|50763|74.122.136.0/24|50763 8943 3549 7029 1614 1614 1614 1614 1 2 3 4 5|IGP
  • 17. Preventing such leaks
       ● If prepending is needed, prepend correctly, i.e. by repeating your own ASN multiple times
       ● Avoid typing ASNs by hand in the config and prefer to copy-paste (helps for long ASNs)
       ● Look up your router vendor's documentation on how to prepend
  • 18. Prepend Sample Config - Cisco IPv4
       Create a route-map to be applied in the OUT direction for the specific peer:

           route-map NetworkA-OUT permit 10
            ! Important: prepend your own ASN. Don't use any other random number here!
            set as-path prepend 64520 64520

       Call the route-map in the out direction on the BGP session for IPv4:

           router bgp 64520
            no synchronization
            bgp log-neighbor-changes
            neighbor 192.168.1.2 remote-as 64521
            neighbor 192.168.1.2 route-map NetworkA-OUT out
            neighbor 192.168.1.2 route-map NetworkA-IN in
            no auto-summary
  • 19. Prepend Sample Config - Cisco IPv6
       Create a route-map to be applied in the OUT direction for the specific peer:

           route-map NetworkA-OUT permit 10
            ! Important: prepend your own ASN. Don't use any other random number here!
            set as-path prepend 64520 64520

       Call the route-map in the out direction on the BGP session for IPv6:

           router bgp 64520
            !
            address-family ipv6
             neighbor 2001:DB8:1:1::2 activate
             neighbor 2001:DB8:1:1::2 route-map NetworkA-OUT out
             network 2001:DB8:2::/48
            exit-address-family
            !
  • 20. Prepend Sample Config - JunOS
       Create an export policy to be applied to the peer. Important: prepend your own ASN. Don't use any other random number here!

           edit policy-options policy-statement Network-A-Out
           set term a from prefix-list Pool-set1
           set term a then as-path-prepend "64520 64520"

       Apply the export policy on the BGP session (from the top of the configuration hierarchy):

           top
           set protocols bgp group transits neighbor 192.168.1.2 export Network-A-Out
  • 21. Thank you! Questions? Peering?
       anurag@he.net
       http://he.net
       http://as6939.peeringdb.com
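
The hunt described on slide 8, sketched as an added example (not code from the talk): it reads one-line table dump records like the one on slide 16, attributes the leftmost AS1/AS2/AS3 in each AS_PATH to the AS just before it, and keeps only leaks visible for at least 24 hours. The function names, the `own_prefixes` parameter and the attribution heuristic are assumptions of this sketch.

```python
from datetime import datetime, timedelta

TOP_ASNS = {1, 2, 3}                # the ASNs the talk examines
MIN_VISIBLE = timedelta(hours=24)   # the talk does not collect shorter leaks

# Constructed sample: only the first record is from the page (slide 16); the other
# timestamps and peers and the last two routes are made up. AS23383 paths: slide 15.
SAMPLE = """\
TABLE_DUMP_V2|02/02/14 00:00:01|A|195.69.146.99|50763|74.122.136.0/24|50763 8943 3549 7029 1614 1614 1614 1614 1 2 3 4 5|IGP
TABLE_DUMP_V2|02/05/14 00:00:01|A|195.69.146.99|50763|74.122.136.0/24|50763 8943 3549 7029 1614 1614 1614 1614 1 2 3 4 5|IGP
TABLE_DUMP_V2|01/01/15 00:00:01|A|192.0.2.1|30132|186.65.112.0/20|30132 6939 23520 23383 1 65430|IGP
TABLE_DUMP_V2|01/11/15 00:00:01|A|192.0.2.2|8283|190.185.108.0/22|8283 5580 23520 23383 1|IGP
TABLE_DUMP_V2|03/01/15 00:00:01|A|192.0.2.3|64496|198.51.100.0/24|64496 64500 2 64500|IGP
TABLE_DUMP_V2|03/01/15 00:00:01|A|192.0.2.3|64496|203.0.113.0/24|64496 64511|IGP
""".splitlines()


def parse_record(line):
    """Return (timestamp, prefix, as_path) or None for a malformed record."""
    fields = line.strip().split("|")
    if len(fields) < 7 or fields[0] != "TABLE_DUMP_V2":
        return None
    try:
        seen_at = datetime.strptime(fields[1], "%m/%d/%y %H:%M:%S")
    except ValueError:
        return None
    # AS_SET tokens such as {64500,64501} are skipped, not guessed at.
    return seen_at, fields[5], [int(a) for a in fields[6].split() if a.isdigit()]


def suspect(path):
    """(leaker, top_asn) for the leftmost top ASN; the AS just before it is
    taken as the one that inserted it (heuristic, not proof of origin)."""
    for i, asn in enumerate(path):
        if asn in TOP_ASNS:
            return (path[i - 1], asn) if i > 0 else None
    return None


def find_leaks(lines, own_prefixes=frozenset()):
    """Map (leaker, top_asn) -> days visible, for leaks seen for >= 24 hours.
    own_prefixes: prefixes that really belong to AS1/2/3 and must be skipped."""
    spans = {}
    for seen_at, prefix, path in filter(None, map(parse_record, lines)):
        hit = None if prefix in own_prefixes else suspect(path)
        if hit:
            first, last = spans.get(hit, (seen_at, seen_at))
            spans[hit] = (min(first, seen_at), max(last, seen_at))
    return {k: (b - a).days for k, (a, b) in spans.items() if b - a >= MIN_VISIBLE}
```

On the sample, `find_leaks(SAMPLE)` reports AS23383 and AS1614 as having inserted AS1; the single-snapshot AS2 record falls under the 24-hour cut-off and is dropped.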
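
The prevention advice on slides 17 to 20 can be checked before a config is deployed. This added example (not from the talk) lints Cisco `set as-path prepend` and JunOS `as-path-prepend` lines and reports any prepended ASN that is not your own; the function names and the sample configs are assumptions built from the slide-18 sample.

```python
import re

# Matches Cisco 'set as-path prepend N N' and JunOS 'as-path-prepend "N N"'.
PREPEND_RE = re.compile(r'as-path[- ]prepend\s+["“]?([\d\s]+)')
LOCAL_AS_RE = re.compile(r'^\s*router bgp (\d+)', re.M)   # Cisco only

# Constructed configs: GOOD follows the slide-18 sample, BAD carries the
# "1 2 3" copy-paste mistake from slide 4, BAD_JUNOS a mistyped second ASN.
GOOD = """\
route-map NetworkA-OUT permit 10
 set as-path prepend 64520 64520
router bgp 64520
 neighbor 192.168.1.2 remote-as 64521
 neighbor 192.168.1.2 route-map NetworkA-OUT out
"""
BAD = GOOD.replace("prepend 64520 64520", "prepend 1 2 3")
BAD_JUNOS = ('set policy-options policy-statement Network-A-Out '
             'term a then as-path-prepend "64520 3"\n')


def local_asn(config):
    """Local ASN from a Cisco 'router bgp N' line, or None if absent."""
    m = LOCAL_AS_RE.search(config)
    return int(m.group(1)) if m else None


def lint_prepends(config, own_asn=None):
    """Return [(line_no, foreign_asns)] for prepends holding anything but own_asn."""
    own_asn = own_asn if own_asn is not None else local_asn(config)
    if own_asn is None:
        raise ValueError("local ASN unknown: pass own_asn explicitly")
    findings = []
    for no, line in enumerate(config.splitlines(), 1):
        m = PREPEND_RE.search(line)
        if m:
            foreign = sorted({int(a) for a in m.group(1).split()} - {own_asn})
            if foreign:
                findings.append((no, foreign))
    return findings
```

A JunOS snippet carries no `router bgp` line, so pass the local ASN explicitly there, as in `lint_prepends(BAD_JUNOS, 64520)`.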