RE: BGP-based blackholing/hijacking patented in Australia?

Stephen J. Wilcox wrote:
This is not IP hijacking by any means,

Mmmm. What tells you that these routes won't be announced to peers or
won't leak? We are not supposed to see announcements for bogons nor for
RFC1918 space, but we do.

Thinking about it, I agree that "hijacking" is not the proper term
though as it is generally understood as announcing/using a netblock that
belongs to an entity long gone (preferably from the swamp, so one can
try to modify everything possible in whois info and claim ownership) or
is un-allocated.

Would this be "kidnapping"?

This is to blacklisting what wildcarding is to NXDOMAIN. If the domain
does not exist, you get an error not the web page you get when it's
wilcarded. If the IP is blackholed, you get an error not the web page
you get when it's kidnapped.

Michel.

> Stephen J. Wilcox wrote:
> This is not IP hijacking by any means,

Mmmm. What tells you that these routes won't be announced to peers or
won't leak? We are not supposed to see announcements for bogons nor for
RFC1918 space, but we do.

Thinking about it, I agree that "hijacking" is not the proper term
though as it is generally understood as announcing/using a netblock that
belongs to an entity long gone (preferably from the swamp, so one can
try to modify everything possible in whois info and claim ownership) or
is un-allocated.

Would this be "kidnapping"?

Hmm, I think its about scope, if you pretend to be another company or announce
their space its hijacking, if you dont accept routes internally or modify routes
internally then its not hijacking.

And yes, anyone leaking these routes is this doing something wrong (as they are
with bogons etc)

This is to blacklisting what wildcarding is to NXDOMAIN. If the domain
does not exist, you get an error not the web page you get when it's
wilcarded. If the IP is blackholed, you get an error not the web page
you get when it's kidnapped.

Transparent caching has done this for a long time, the difference is it only
works on traffic passing through the adjacent router, with this you can pull
traffic from all over your network back to a single cache

Steve