netsec-sig - Re: [Security-WG] [NTAC] R&E Routes Leaked to Commodity Internet
Subject: Internet2 Network Security SIG
List archive
- From: Bill Owens <>
- To: David Farmer <>, NTAC <>, "" <>, "" <>
- Subject: Re: [Security-WG] [NTAC] R&E Routes Leaked to Commodity Internet
- Date: Tue, 31 Dec 2019 13:39:24 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nysernet.org; dmarc=pass action=none header.from=nysernet.org; dkim=pass header.d=nysernet.org; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=e+IyQaNri+eQjFq8jytZmr7l04F/MuCpsAZpvMLWVpQ=; b=U2YTvSPhi5iZJbLhww5Q/Ve8z3Q8b8vO13m3CdNQIp/72s3m5budfjNNDOsB0OkKm1LyyPrgeTDmXmWh7c4GCMx7iix1eyStCNLLviZi33IaMqeZ0BxbfrbwVzoLBYPnMjnc9QfeeDfhLITLyDZYHicM0p989M+vYHb5Ng0qvz+RFVGvDI3TfXO+uJvNFyibLAS2yZKH5vtcg55qPAEe6rLdcP6ItDItbsMqeixOMKWtb5b19F0LxDSahDgkp6oBQxdvWcUEMzsvowDbpL/CBBT8srx3VJxBGf24Kb7u/tcmel4SebCL4nmpPoWMxQ/se9UcUJcWEqpy/im22Uf2Qw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kg2BA50DFFZq5tunMg6tsMY2Je4qU+Nf1BQzEMXyp5x73y7/ouAiiqc8Gd5fLcl7/ilmw8hvz1SZzKUx2VGdVKxkaWfG3G+SPnCwchpbKfaq+i528QFftmOTiGAcCTI5LC7KDlyYACbZzSKBQG5YhEKUJ/fHMj0vQveHxv53zhipsqp3SE//Fjo6spOKBx3gpgDWcXg4Xsnc6QRkyuOuHBoiqAprCn7AY+Ka+RADU9qzOnClWkevXkPpd+IqDzrnDdDNqZXQiLJguwDfM6DsbbRQF+lArZppQxffxdTceHPdX22jwPrCouO4KEaaN9/pKHxrOVotmJV/3V3o92qS9w==
We have two campuses participating in PEERING, and every now and then I come across the routes, am shocked, and then remember they’re supposed to be weird. Then again, I wonder if that dilutes some of the value of their research – they wouldn’t be allowed to make some of the advertisements that they’re doing, if they weren’t given exceptions to the usual rules. I’ll have to ask them one of these days.
Bill.
From: <> on behalf of David Farmer <>
I decided to look the other way around, that is to look for Internet2 R&E (AS11537) in commodity Internet paths, and after excluding some routes originated by Internet2 for Internet2 infrastructure prefixes, I get the following;
At least there is an IPv6 route on this list. 😀 I think it is a Cisco IPv6 LISP experiment. However, given that the path has Uruguay, RedClara, Internet2, GEANT, TEIN2, and Japan all in the path I'm not sure its a good idea for this route to be leaked, let alone even to be in the Internt2 R&E route table in the first place. I have a number of better routes for this prefix from the commodity Internet.
Thanks
-- =============================================== |
- [Security-WG] R&E Routes Leaked to Commodity Internet, David Farmer, 12/31/2019
- Re: [Security-WG] [NTAC] R&E Routes Leaked to Commodity Internet, Bill Owens, 12/31/2019
Archive powered by MHonArc 2.6.19.