North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Policy Statement on Address Space Allocations
On Fri, 26 Jan 1996, Vadim Antonov wrote: > >Then, some of you will ask how to enforce this. Once every so often, you > >dump the BGP routing tables from strategic routers. If you see any > >non-matching prefixes, you send an email to the network coordinator for > >the allocated block giving them a set amount of time to clean it up. Any > >routes which are not cleaned up by the deadline are added to a filter > >list which could be carried on routers. > > Sorry, *who* gets to play the net politzai? Registries have no control > over service providers, and service providers have insufficient > human resources to do that (and most won't do that anyway). > > Note that updating exterior policy filters by a large ISP involves > carefully planned and timed update on some dozen-odd routers, so it is > not done often, and certainly won't be done just to punish some clueless > luser. Is there some other method which would be as effective to destroy a specific net's connectivity to the majority of the net? A few come to mind right now: 1) ip route <luser's address & mask> null0 - has the disadvantage of adding an entry to the routing table, and might cause other problems if static routes are redistributed into BGP in some fashion. 2) ip filtering: - Probably uses more CPU than #1, but doesn't screw with the routing tables. 3) Something else? Remember, the goal here is to get the registry to limit the number of blocks allocated. Then, provide a method to require those blocks to remain in one piece. I doubt that many people are going to not react to a note such as the following: (maybe a little less technical) According to our records, you were allocated a block of 64 addresses, otherwise known as an /18 block. When this was allocated, you were informed that you MUST announce this block to the internet in a single route. In the automatic scan of the routing table which took place on 01/01/1996, routes to the networks listed below were discovered in at least one backbone router: 208.128.128.0/18 208.128.132.0/24 If the entries for any block(s) smaller than the original /18 allocation do not dissapear by 2/1/1996, the smaller block(s) will cease to function on the net for a period of 30 days or longer. This will be accomplished through one of several means, including filtering the addresses on the backbone routers, etc. Thank you. I doubt you're going to need to add many filters :) As far as who will run the programs to check for this, I'm sure that a suitable home for the tools necessary could be found. -forrest
|