14 Jun
2016
14 Jun
'16
1:44 p.m.
On Jun 14, 2016, at 9:51 AM, Alexander Azimov <aa@qrator.net> wrote:
But I have security consideration that filtering isn't a proper mechanism to reach this goal. Imagine next situation - if transit accidently prepends its paths with private AS number it will result in DoS for all stub networks connected to this transit. I think, better way is deprioritize bogon routes - this will stop propagation of such routes if there is any alternative and will not affect reachability in other cases.
With the types of hijacks and abuse that are ongoing and continue, one must have some minimum standards to be met. Not using a private ASN or sending 23456/AS_TRANS should not be routed at all. - Jared