| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by X-Istence 3913 days ago

The BGP admins are those that are assigned that task by whatever company or organisation owns the AS they are responsible for.

There is no central authority, most people that are interested in that sort of stuff are on various mailing lists, the main one being NANOG.

Generally for larger ISP's they will have direct contacts with their counterpart on their BGP neighbour where the handoff from network to network exists, for smaller entities (for example a small business with two uplinks that announces their own /24) they may have a support contact that they can call about issues.

Is it a risk? Maybe. The Internet and BGP is built on mutual respect. You can and sometimes will filter certain routes from certain uplinks/providers to change how routing happens from your network onto the next hop, but overall there is no authentication, and no authorization.

Anyone that has an AS, and has a peer that is willing to accept their routes, can advertise whatever they want.

As for how many there are? How many CCNA/CCNP/CCIE's are there out there? How about comparable certs for Juniper/Alcatel Lucent and whatnot. Each of them could potentially be a BGP admin. It's not a difficult job. When I worked at a large ISP I remember announcing some new IP's out from our AS to the world from a new location and watching it propagate across the world. Had me and my colleague made one little typo we could have accidentally announced the wrong thing.

The only controls are policies that are set up by each AS for what routes they will or will not accept from a neighbouring AS. In general this is an accept all. Then the AS can choose to re-advertise it's received routes from it's neighbours to it's other neighbours, this is how route propagation works. You can also choose for example to receive routes from a neighbour but not re-advertise them (i.e. you don't become transit).

BGP changes happen every minute of every day. Routes get added, get removed, and those things propagate. This is not the first time nor the last time that a mistake happens, or that someone advertises an address space they shouldn't be advertising. Look at what happened when China accidentally leaked routes that took YouTube and Google off-line for a bit, or the BGP issues with Syria advertising everything in an attempt to take the internet offline in their country...