North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IRRs

  • From: Steve Carter
  • Date: Thu Apr 15 08:15:12 1999

Sean Donelan wrote:
> is announced by NTIS's ASN 10616 via UUNET ASN 701.  I could
> not find a valid aut-num object for ASN 10616, and the covering route object
> for was an old SURANET/BBN block for 192.239/16 indicating
> a source AS 1.

This is reasonably typical ...

> The lack of correct current routing registry information for the IRS web
> site doesn't seem to have hurt its connectivity.  Other the other hand,
> it also wouldn't hurt the connectivity of someone impersonating the IRS
> web site network route.  The rest of the Internet just has to take the
> routes on faith.

Don't let a route being registered in one of the routing registries lull
you into a false sense of security (sic), there is zero to very little
real authentication done on a route registration.  It only takes an ounce
(or less) knowledge to register a route as being originated from any AS.

Do I think this is a real problem?  It hasn't been so far, probably due to
our cooperative and trusting nature >;). I think it would take quite some
resources and reputation killing stupidity (or malice) to inject 'illegal'
routes and then do something meaningful with them.