RE: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)

This attack will work very well until the victim starts advertising
its prefix. The victim may not notice the fake advertisement because the fake
advertisement will not reach the victim AS due to AS-path loop checking.

So potential victims must advertise all prefixes that they register in
RPKI or subscribe to an Internet monitoring service to detect the
fake advertisements.

And don't forget maxlen. You must advertise in BGP every prefix
covered by maxlen.


Often the best forms of attack are ones that are scoped in locality. Advertising the
same prefix from a different location in BGP may create a localised preference to follow the
synthesised route which is not visible everywhere. Sometimes this is exactly what the
attacker wants to achieve.