>>>All of this discussion of the mechanics of BGP made me think. What if I
>>>decided to grab Cisco's block of addresses and announce them as being
>>>through my ISP with BGP? As long as my ISP's are peering with me, will
>>>accept *any* route update? If I announced the Cisco update to my ISP
>>>say MCI), would all of the MCI clients trying to access www.cisco.com
>>>my web server instead? What would happen on with other ISP's? Would they
>>>accept this exception route?
>Only if they are stupid. Peer relationships between the clue-challenged
>are more likely to propagate bad routes than providers; all major
>providers have aggressive filtering on either as-path & origins,
>ip-addrs being announced, or routing objects (ip-addrs/length + origin
>as). The smarter providers reconfigure these filters in an automated
>fashion, from databases.
Along with aggressive route filtering, route authentication will
become vital in the next few years.
R. Todd Truitt ttruitt @
Systems Engineer Security, Availabilty and Management
Cisco Systems, Inc. 303.220.6164