You're looking at an older version: 1
The current (published) version is 2This proposal aims to clarify that BGP hijacking is not accepted as normal practice within the RIPE NCC service region, primarily because it negates the core purpose of running a (Regional Internet) Registry. The proposal is not concerned with simple operational mistakes – it is intended to address deliberate BGP hijacking events.
BGP hijacking is not acceptable behaviour. A "BGP hijack" is defined by announcing a prefix to another network without the resource holder’s consent.
There must be consequences for hijacking for members or individuals/organisations that have a service agreement (either directly or indirectly) with the RIPE NCC. This proposal aims to clarify that an intentional hijack is indeed a policy violation.
BGP hijacks happen on an almost daily basis. Hijacks can be on a global scale (propagated to all networks) or restricted (only one or some networks). Through this document, the RIPE community clarifies that BGP hijacking is not an acceptable practice.
A hijack is understood to be the announcement of routes through BGP to third parties without the consent of the resource holder. This is considered to be a violation of RIPE policy.
The location of the resource holder or hijacker in such cases is irrelevant. A hijack constitutes a policy violation even if both parties are located outside of the RIPE NCC service region.
The announcement of unallocated address space to third parties is also considered a policy violation and is evaluated according to the same parameters.
A distinction can be made between accidental or deliberate hijacks from available routing datasets, looking at parameters such as duration, recurrence, possible goals, and the size of hijacked blocks. Other parameters may also be considered in the future.
The RIPE NCC is not able to monitor the occurrence of BGP hijacks or assess whether they are policy violations. It must therefore rely on external parties, both to report hijacks and determine whether they are deliberate.
Reports sent to the RIPE NCC need to include a minimum set of details, such as: “Networks Affected”, “Offender ASN”, “Hijacked Prefixes” and “Timespan” (this is not a definitive list and other details may also be required). The RIPE NCC will provide a web-based form to facilitate these reports.
The RIPE NCC will define a pool of worldwide experts who can assess whether reported BGP hijacks constitute policy violations. Experts from this pool will provide a judgement regarding each reported case, no later than four weeks from the moment the report was received.
Only hijacking events that occur after this policy has been implemented are eligible to be considered.
A report containing an expert judgement on the case will be sent to the suspected hijacker. This party will then have four weeks to object to any conclusions contained in the report. Any objections are then assessed and ruled as admissible/non-admissible by the experts, during a two-week review period. Following this, the report is finalised and published.
Following the publication of the final expert report, the suspected hijacker has two weeks in which they can file an appeal. If an appeal is filed, an alternative expert will review this for a maximum of four weeks. The results of this review are final and cannot be further appealed.
Once the report has been published, any policy violation will be ratified by the RIPE NCC Executive Board. Otherwise, the complaint/report will be archived. The ratification will be delayed in case of an appeal, until the second expert has been published their review.
It remains to be investigated if any of the other four RIRs consider BGP hijacking to be a policy violation.