Cisco BGPmon

@bgpmon

BGPmon is now Part of CrossworkCloud a Service that Provides Internet BGP Event and Signature Detection

Joined June 2010

Tweets

You blocked @bgpmon

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @bgpmon

  1. Retweeted
    29 Sep 2020

    hearing from various folks about a bgp hijack incident by Telstra..

    Show this thread
    Undo
  2. Retweeted
    18 Aug 2020
    Undo
  3. Retweeted
    14 Jun 2020

    Important goal: improved routing security.

    Undo
  4. Retweeted
    5 Apr 2020

    For what it's worth: I don't think they intended to announce this to the rest of the world (hijack). What we saw here, by accident, is that they treat these (new more specific) prefixes special inside their network. Likely for some kind of "Traffic Engineering" reason.

    Undo
  5. Retweeted
    5 Apr 2020

    Not the first time we see this for Rostelecom. A few years ago, I observed a similar incident, involving the networks of many financial companies.

    Undo
  6. 5 Apr 2020

    Earlier this week there was a large scale BGP hijack incident involving AS12389 (Rostelecom) affecting over 8,000 prefixes. Many examples were just posted on , see for example this example for

    Undo
  7. Retweeted
    2 Apr 2020

    There was a major hijack event yesterday, involving many (thousands) new more specific prefixes. The hijacker was 12389 (Rostelecom) the largest Russian ISP. Affecting most of your favorite cloud providers and CDNs

    Undo
  8. 17 Nov 2019

    Major Internet outages in Iran continues today. This is an example of the BGP routes visible for the "Iran Cell Service and Communication Company (AS44244)" network. As well as observed network traffic from Iran Cell. Note the clear drop at ~ 15:00 UTC Nov 16 in both graphs.

    Undo
  9. 1 Jul 2019

    Operating BGP: “It’s more like an 18th-century Royal Navy frigate. There’s a lot of running around and screaming and shouting and pulling on ropes to try to get things going in the right direction.”

    Undo
  10. Retweeted
    26 Jun 2019

    The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday

    Undo
  11. Retweeted
    24 Jun 2019

    Quick write-up on today's widespread Internet outage: This appears to me as a multi-organisational catastrophic failure in both process and technologies.

    Undo
  12. 24 Jun 2019

    Actually looks like the end time was 12:37 UTC

    Show this thread
    Undo
  13. 24 Jun 2019

    Many of the prefixes we new more specifics, indicating this was likely a BGP optimizer leaking routes which were then leaked to and accepted by Verizon. This caused outages for many networks including Cloudflare and Facebook, Amazon, and many more

    Show this thread
    Undo
  14. 24 Jun 2019

    we can confirm that earlier today there was a large BGP incident, causing 20k prefixes for 2400 network to be rerouted through AS396531 (a steel plant). and then on to its transit provider: Verizon (AS701) Start time: 10:34:21 (UTC) End time: 13:26:07 (UTC)

    Show this thread
    Undo
  15. Retweeted
    24 Jun 2019

    Here's what an example alert for looked like (using my personal bgpmon test account)

    Show this thread
    Undo
  16. Retweeted
    24 Jun 2019

    Quick dumps through the data, showing about 2400 ASns (networks) affected. Cloudflare being hit the hardest. Top 20 of affected ASns below

    Show this thread
    Undo
  17. Retweeted
    24 Jun 2019

    doing some more digging. For now looking at a debug bgpmon account i have with various popular prefixes. Seeing 'BGP MITM' / 'route leak' alerts for at least many cloudflare prefixes and by the looks of it Facebook as well. 2 examples below:

    Show this thread
    Undo
  18. Retweeted
    24 Jun 2019

    wow waking up to some BGP madness! Looks like many (all) of AS 13335 prefixes are being rerouted through AS396531 (Allegheny Technologies) and Verizon AS701 is providing that transit via that path! Ugh not good! will dig more ...

    Show this thread
    Undo
  19. 10 Mar 2019

    Major dip in traffic from Venezuela over the last few days. Big dip started at March 7, 20:55 UTC. Still ongoing.

    Undo
  20. 16 Feb 2019

    We are now using as our ROA validator. Thanks for the new CSV export feature and team!

    Undo

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·