> In this case, the very first thing you should probably do is to
> start announcing the more specific /24s to match their advertisements!
> Depending on AS-PATH length (how various nets hear your announcements
> vs. theirs) this may solve the immediate problem, allowing you to hunt
> them down and kill them at your leisure.
The downside to this is that we go from advertising /16's
out, to advertising a fleet of /24's out, most of which
would be filtered by Sprint's ever-lovin' CIDR-forcing
wall. I agree with Sprint, and Sean, but in this case
it pretty much makes it hard for us to force the issue
by dropping to the same or smaller sized announcement.
Good thought, though! Even if it does result in going
from 2 /16 announcements to 512 /24 announcements in
the process, growing the routing tables, and generally
making everyone else unhappy as well.
Only advertise the /24s that they're announcing of yours.
And if you need to get them into Sprint, see if a multi-
homed Sprint customer will temporarily shove them into
Sprint and static them back to you via another provider/connection.
*sigh* There really MUST be some nice way of handling
lame ISP's like this.
> 1) Announce *your own* routes more specifically.
> This may lose you ANS connectivity, though.
I meant ANS connectivity because of RADB issues, but yes,
anyone who filters small announcements in your space won't
I took that step last night, and was advised to remove it by
those more in tune with legal issues. I guess it's not
considered "nice" to sink to the same level as your
attacker, and play dirty. :-}
No, but if it went on for 12 hours, I very well might do so.
Again, my thanks for you feedback and support!
Sure, good luck.
And if you're going for the shunning effect, tell us all who it
is that you're having trouble with.