BGP zombies and excessive path hunting

https://blog.cloudflare.com/going-bgp-zombie-hunting/

49•emot•3mo ago

Comments

pm2222•3mo ago

I thought the bigger /32 prefix should be advertised from AS64511 to both AS13335 and AS64510.

Is there free BGP peering for the purpose of only passing on the NLRIs?

It's interesting that on the "open positions" page, the location filter appears to be strictly string matching, e.g. "US" does not cover "New York, US"

pm2222•2mo ago

Interesting that this comment was added 9 days ago all of a sudden it pops up now with a 3hour stamp.

amenghra•2mo ago

A zombie comment? How appropriate…

metadat•2mo ago

This happens when a story is revitalized through the second chance pool.

https://news.ycombinator.com/item?id=26998308

https://news.ycombinator.com/pool

toast0•2mo ago

I don't think it makes sense for AS64511 (example customer) to advertise the /32 to AS13335 (Cloudflare) when they only want the /48 to be routed through Cloudflare.

pm2222•2mo ago

/32 is not gonna matter when /48 is present. When /48 is not present, why wouldn’t /32 be advertised?

toast0•2mo ago

The /32 is going to matter for the addresses outside the /48. The customer only wants one /48 to go through Cloudflare; from the article context, probably because that /48 is under DDoS. DDoS scrubbing services are expensive in dollars and latency (and sometimes network features), so you only want to expose your traffic to that when necessary. When the DDoS is over, you don't want any of your traffic going through Cloudflare, so you withdraw the /48, you wouldn't want to advertise the /32 through Cloudflare at that point either.

Using the article's example ranges:

If the customer's IP 2001:db8::1 is being DDoSed, then they advertise 2001:db8::/48 through cloudflare, but 2001:db8:1::1 doesn't want that; it'll be handled by their 2001:db8::/32 announcement on their usual ISP(s)

pm2222•2mo ago

You are right I missed the DDoS part and that cf is not a typical uplink in this use case.

great_wubwub•2mo ago

> Things get more interesting when AS64510 signals for 2001:db8::/48 to be withdrawn by Cloudflare (AS13335)

Typo - shouldn't that be AS64511?

...and...

> The MRAI specifies the minimum amount of time ... between each BGP advertisement update.

Each update _per prefix, per peer_. RFC4271 sec.9.2.1.1 says

--- [MRAI] determines the minimum amount of time that must elapse between an advertisement and/or withdrawal of routes to a particular destination by a BGP speaker to a peer ---

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

The Waymo World Model

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Dark Alley Mathematics

How we made geo joins 400× faster with H3 indexes

A century of hair samples proves leaded gas ban worked

Show HN: I spent 4 years building a UI design tool with only the features I use

Microsoft open-sources LiteBox, a security-focused library OS

Show HN: If you lose your memory, how to regain access to your computer?

Sheldon Brown's Bicycle Technical Info

Hackers (1995) Animated Experience

An Update on Heroku

PC Floppy Copy Protection: Vault Prolok

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

How to effectively write quality code with AI

Learning from context is harder than we thought

Understanding Neural Network, Visually

Delimited Continuations vs. Lwt for Threads

I now assume that all ads on Apple news are scams

Introducing the Developer Knowledge API and MCP Server

Make Trust Irrelevant: A Gamer's Take on Agentic AI Safety

FORTH? Really!?

I'm going to cure my girlfriend's brain tumor

Evaluating and mitigating the growing risk of LLM-discovered 0-days

Show HN: Smooth CLI – Token-efficient browser for AI agents

Female Asian Elephant Calf Born at the Smithsonian National Zoo

Show HN: Slack CLI for Agents

The Oklahoma Architect Who Turned Kitsch into Art

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

The Waymo World Model

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Dark Alley Mathematics

How we made geo joins 400× faster with H3 indexes

A century of hair samples proves leaded gas ban worked

Show HN: I spent 4 years building a UI design tool with only the features I use

Microsoft open-sources LiteBox, a security-focused library OS

Show HN: If you lose your memory, how to regain access to your computer?

Sheldon Brown's Bicycle Technical Info

Hackers (1995) Animated Experience

An Update on Heroku

PC Floppy Copy Protection: Vault Prolok

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

How to effectively write quality code with AI

Learning from context is harder than we thought

Understanding Neural Network, Visually

Delimited Continuations vs. Lwt for Threads

I now assume that all ads on Apple news are scams

Introducing the Developer Knowledge API and MCP Server

Make Trust Irrelevant: A Gamer's Take on Agentic AI Safety

FORTH? Really!?

I'm going to cure my girlfriend's brain tumor

Evaluating and mitigating the growing risk of LLM-discovered 0-days

Show HN: Smooth CLI – Token-efficient browser for AI agents

Female Asian Elephant Calf Born at the Smithsonian National Zoo

Show HN: Slack CLI for Agents

The Oklahoma Architect Who Turned Kitsch into Art

BGP zombies and excessive path hunting

Comments