North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Deciding whose network block is whose?
Priori networks requires any customer who wants to announce a route to us via BGP, or wants us to announce a route via BGP for them to have the proper contact information available via rwhois at either the internic (ARIN now I suppose), RIPE, or APNIC. We filter all incoming routing announcements from customers by prefix. We have not yet had a problem where someone has called and said we were announcing their block, so I cannot tell you for certain what the resolution time for such an issue would be. At 09:17 AM 12/29/97 -0600, Sean Donelan wrote: >When some random person decides to announce a subnet, what do providers >accept as proof the person has authority to announce that subnet to the >global Internet? Or the other side, when some random person calls up >complaining that someone else is announcing a subnet without authorization >what do providers accept as proof that the announcement is invalid? > >For example, lets say a difficult to reach ISP on the other side of the >planet decided to announce a subnet DRA had assigned for use by one of our >customers. Would major providers take my word a Hong Kong provider was >wrong? Would major providers accept the registration information in WHOIS >and/or IRR the network block had been delegated to me, and to no one else. >Would major providers accept a statement from the APNIC that the HK ISP >had never been delegated any part of the network block? What do you do >when a major provider's front-line customer service personnel don't >understand the problem, but says since the other person is a customer >they have to believe them? Of course, the major provider can't get a >hold of the customer either. > >Do providers normally just let customers announce any network, and only >review things after receiving complaints. If so, how do such providers >expect people to complain when one of their customers is causing problems. >How many days, weeks, months is considered normal to reach a competent >person at a major ISP that has the authority to block such a bogus >announcement by one of their customers? Since some (one) major provider >has a policy of not giving trouble ticket numbers when a non-customer >calls, how much ruckus must be caused to get their management's attention? > >This can cause partial network outages lasting weeks in some cases. I >hate the idea of needing to resort to things like filing formal criminal >complaints because of the dumb management policy at a major provider, but >it has been required in some other industries these providers operate >in. Slamming is a prohibited practice for long distance carriers, and >the customer can more or less easily get their phone number switched back >to their original provider. How does a customer do the same thing when >their IP network block gets slammed by another provider, or a customer >of another provider? > >There seem to be major problems with several of the widely referred to >network registration databases. I see Telstra (AS1221) is once again, >Dec 29, 1997, announcing 3.156.20.0/24. While its possible that General >Electric has an office in Australia, it seems an odd announcement. Other >than Sprint's global default for 0/1 (and then SPRINT has the nerve to >complain when people point default at them) there is no information in >the IRR about valid origin ASNs for Net 3/8. Although Mr. Bono spoke >up about some of GE's activities, other than James C. Shearer, who would >have authority over subnets from network 3/8? And what to do when the >listed contact has left, or worse is a generic position name (e.g. >[email protected] or [email protected]). > >Even going by company names isn't enough, because some companies have >very similar names, are merged, unmerged, sliced and diced. For example, >the various companies have "Data Research" in their name, but have >nothing to do with DRA. Nor is the DRA in the UK isn't affliated with >the DRA in the USA. > >Network blocks delegated to non-ISPs were fairly easy, because it is >uncommon to see subdelegations. But if you look at net 12/8 (AT&T), >customer subnets are appearing in announcements from other providers. >How do you decide when network blocks can be delegated, or not? In >net 12/8 case, the WHOIS database lists some delegations, but the IRR >shows different ones. > >But with CIDR it is even complicated figuring out what type of delegation >was done for subnets. Take the case of 205.164.62.0 which is from a >network block delegated to MCS. The history of this block is a bit odd. >It appears the block 205.164.0.0/16 was first delegated on March 15, 1995 >to NET99. On March 29, 1995 205.164.0.0/18 was delegated to MCS. At >some point later the delegation for 205.164.0.0/16 was deleted, and AGIS >was delegated 205.164.64.0/18 and 205.164.128.0/17. Something funny >happened to the database, because now MCS's registration date is >March 29, 2019 (a Y2000 problem?). MCS registered a portion of their >CIDR block in the IRR(MCI), 205.164.0.0/19. Goodnet registered an >IRR(RADB) entry for 205.164.0.0/18. AGIS and PSI have overlapping >registrations in the IRR(RADB) for 205.164.0.0/16. And, of course, >there is the Sprint global default route in the IRR(RADB) for 192/2. >Karl complained about AGIS announcing 205.164.62.0/24, but not about >205.164.13.0/24 which is also being announced by AGIS. > >How do you tell the difference between a customer trying to move a >delegated network address when switching providers, and someone whose >announcement would cause problems. > >The problem of bogus routing has been getting worse. Is it going to >take a disaster to get the attention of various provider's management? >-- >Sean Donelan, Data Research Associates, Inc, St. Louis, MO > Affiliation given for identification not representation > ************************************************************** Justin W. Newton voice: +1-650-482-2840 Senior Network Architect fax: +1-650-482-2844 PRIORI NETWORKS, INC. http://www.priori.net Legislative and Policy Director, ISP/C http://www.ispc.org "The People You Know. The People You Trust." **************************************************************
|