About the different causes of multiple origin ASN(MOAS) problem

Hi,

I'm trying to find all causes of multiple origin AS problem(MOAS) as
follows, but not sure if it's complete. Also please let me know how popular
each item is, especially item 3 and 4 that I'm very curious about.

1. Internet Exchange Points, we have observed a list of this prefixes,
although they generally are not announced to the DFZ.
2. Anycast, rare, but occurs sometimes, for example, 192.88.99.0/24,
2002::/16, and 2001::/32
3. Multi-homing with Private AS number
4. Multi-homing using static route (customer doesn't have AS number)
5. Misconfiguration
6. Hijacking
7. What else?

Thanks,
Yaoqing

1. MOAS isn't necessarily a 'problem'; it's fairly common, these days, and has been for quite some time. The actual problem is the inability to determine when it's intentional and not evil, vs. unintentional or intentional and evil.

2. There's already a fair body of work on this topic, as a Web search for "multiple origin as" reveals. Check the NANOG archives for Lixia's preso, among others.

4. Multi-homing using static route (customer doesn't have AS number)

4a: Upstream forces static routes, because they can't support 4 byte ASN
(or don't want to).

- -gaurab

5. Misconfiguration
6. Hijacking
7. What else?

- --

http://www.gaurab.org.np/