Haha :) you are right.
I just checked Caida AS ranking:
http://as-rank.uu3.net/?as=2 A lot of "providers" for UDEL-DCN. Yeah right..
They all indeed probably try to prepend their AS 2 times
ending up having ASN 2 in path.
---------- Original message ----------
From: Mike Davis <davis@udel.edu>
To: nanog@nanog.org
Subject: Re: Dodgy AS327933 ...?
Date: Thu, 10 Aug 2023 09:24:32 -0400
AS2 is the most hijacked prefix in the world.? Yes UD still owns it,
but since different router vendors use different methods of prepending
AS numbers, many folks try to prepend twice and end up announcing
on AS2..
thanks
mike
On 8/10/23 9:02 AM, Mark Tinka wrote:
>
>
> On 8/10/23 11:38, Frank Habicht wrote:
>
> >
> > from a 2019 DB snapshot:
> >
> > aut-num:??????? AS327933
> > as-name:??????? GROUPE-TELECOM-SPRL
> > descr:????????? GROUPE TELECOM SPRL
> > status:???????? ASSIGNED
> > org:??????????? ORG-GTS2-AFRINIC
> > admin-c:??????? YM8-AFRINIC
> > tech-c:???????? YM9-AFRINIC
> > notify:???????? ***@gtl-rdcongo.com
> > mnt-lower:????? GTS2-MNT
> > mnt-routes:???? GTS2-MNT
> > mnt-by:???????? AFRINIC-HM-MNT
> > changed:??????? ***@afrinic.net 20150917
> > source:???????? AFRINIC
> >
> > I think the most common way to get out of this DB is to not pay something.
> >
> > I'd guess that
> >
> > aut-num:??????? AS37451
> > as-name:??????? CongoTelecom
> > descr:????????? CONGO TELECOM
> >
> > has a relationship with them and AS327933 wanted to prepend 2x [1] to their
> > sole provider.....? (AS37451)
>
> We are seeing some weird routing from them, and the AS2 they are attached to
> (University of Delaware) seems odd.
>
> Not sure if any of the American folk on this list can verify AS2 is really
> part of the University of Delaware...
>
> Mark.
--
Mike Davis
Lead Network Architect
University of Delaware - 302.831.8756
Newark, DE 19716 Email davis@udel.edu