Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I have worked for a medium size ISP for many years (3 upstream Tier-1 provider, presence on 2 IXP) and we sometimes suffer from BGP hijaking. We had developed a software that every hour checks the BGP prefix assigned to every peer and update the BGP filter automatically. It takes some time to engineering it and develop but after then, it works like a charm.


That’s a 1-hour attack window though. It should be event driven, something where peers can securely signal changes as they happen


You can run every 15 minutes if you want.

It's a shame that the ISP is bankrupted, it could be a very nice product also to sell. I was in charge of this software, I can reproduce it easily (unfortunately I don't get the source code) and put online then everyone can use and improve.


Write a protocol for it then and demonstrate its use


Those are very expensive. According to apnic[1], there are 15,000 update / day in 2016. For small size ISP, the number is much lower and may be managible. But event driven can't be a general solution for larger isp.

[1] https://blog.apnic.net/2017/01/27/bgp-in-2016/


15k updates a day? how big is the payload? ...sounds negligible to someone ignorant in BGP finer details.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: