<<< Chronological Index >>>    <<< Thread Index >>>

Re: AS3352 blackholing geuzenveld.ripe.net


Antony and I had a closer look at this, to see how wide 
this bad routing announcement spreads.

Results:

- the RIS database has never seen 193.0.0.4/32 announced

- the AMS-IX looking glass (ams-ix.net/cgi-bin/lg) reports
  some 48 host routes (/32) originating from AS3352 (telefonica)
  all arrive at AMS-IX via chello/a2000. 

- of these 48 host addresses, 4 are found in LIST_OF_TESTBOXES

	11      tt11.ripe.net   192.109.251.32
	1       tt01.ripe.net   193.0.0.4
	15      tt15.ripe.net   194.179.3.155
	23      tt23.ripe.net   207.24.7.8

  tt15 is with telefonica themselves
  tt23 is no longer on that address (see 'host tt23')
  which leaves false routes for only tt01 and tt11

- most likely, these announcements are remnants of telefonica
  trying to improve routing for specific test-boxes; later changes
  in routing setup/configuration now cause routing loops.

- checking the TTM plots, we see that of all active boxes,
  only tt15 can't reach tt01 & tt11


Conclusion: although it's bad these /32s leak out of telefonica,
the damage is limited. Up to now only some traffic from the box at their
site is affected. A different question is if such tuning violates
article 5.3 of ripe-214, the TTM service agreement :-)

-- Rene





<<< Chronological Index >>>    <<< Thread Index >>>