[arin-ppml] BGP Hijacking Definition

Keith W. Hare Keith at jcc.com
Mon May 6 10:09:12 EDT 2019


Prop-266 uses the phrase "BGP hijacking" but does not define it. Without a careful definition of "BGP hijacking", it is not possible to define the difference between intentional and accidental hijacking.


-----Original Message-----
From: Töma Gavrichenkov [mailto:ximaera at gmail.com] 
Sent: Monday, May 6, 2019 9:44 AM
To: Keith W. Hare <Keith at jcc.com>
Cc: arin-ppml at arin.net
Subject: Re: [arin-ppml] BGP Hijacking Definition

On Mon, May 6, 2019 at 4:26 PM Keith W. Hare <Keith at jcc.com> wrote:
> If an organization uses a IPv4 prefix allocated/assigned
> to some other organization (the DoD for example)
> within their internal network and filters out all references
> at the edges of their network so that the general public
> never sees any references, is that BGP Hijacking?

The prop-266 establishes a difference between intentional and
occasional hijacking.

Now, consider a case when a Chinese ISP accidentally leaks 30/8 away.
Imagine the newspaper headlines next morning, given that 30/8 is
formally allocated to the DoD.
Imagine Joe Sixpacks talking about the issue, treating that as a
direct violent attack against the DoD, almost (if almost) an act of
After that, consider the PR consequences when ARIN (APNIC etc.)
decides that was accidental and thus just fine.

This is one of the scenarios that makes me worry the most: exposing
the cute and simple network address registry to all sorts of
politicians with their ambitions.


More information about the ARIN-PPML mailing list