[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Joe Provo ppml at rsuc.gweep.net
Wed May 8 08:40:59 EDT 2019

On Tue, May 07, 2019 at 07:25:49PM +0000, Michel Py wrote:
> Hi Keith,
> > Keith W. Hare wrote :
> > I have not yet seen a complete clear consistent definition of BGP/Route
> > hijacking. Such a definition is a prerequisite to defining a meaningful policy. 
> I agree.

I've always operated with the definition that a hijack 
is the purposeful subversion of the registrant's intended 
use of the registered prefix. (This proposal and thread 
is about BGP hijacks, but we also see registry hijacks 
and other forms.)

A key problem in determining intent is that its publication 
is not mandatory (and that publication itself can be 
subverted, but that's not the flavour of hijack at hand). 
We have some organizations who positively assert their 
intent as doing so maximizes their relaible reachability, 
but there's a great many who do not, out of ignorance or 

As a registrant, if I'm using this or that service which 
moves packets to my prefix (be it from my own ASNs, 
announcing it by my ISPs ASN, filtering through a DDoS 
scrubber, announced by my colo provider, etc) is still 
correctly registered to me, not that provider.

If I'm smart, I will publish my intended announcement 
sources in
- OriginAS in my whois
- IRR data

...and then anyone on the 'net can see if a given 
announcement (or their changes) is intented and expected
or not. 



Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling 

More information about the ARIN-PPML mailing list