North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: 69/8...this sucks -- Centralizing filtering..

  • From: Todd A. Blank
  • Date: Mon Mar 10 17:07:33 2003

I continue to agree that moving critical resources (see below) to these
new blocks is the best approach I have seen or heard in the months since
I made the original post.  This approach punishes the clueless instead
of the people that already know what the problem is (and have to live
with it every day).

I can't begin to calculate the amount of support time we have burned
contacting the offending networks.  I know the cost has been prohibitive
at best.

I have seen this suggestion once before (maybe even by Jon) and I still
think it is the best way things will get resolved quickly.

Maybe we should suggest that ARIN also host some of their stuff on this
block :-)

Todd
IPOutlet LLC


-----Original Message-----
From: [email protected] [mailto:[email protected]] 
Sent: Monday, March 10, 2003 12:52 PM
To: E.B. Dreger
Cc: [email protected]
Subject: RE: 69/8...this sucks -- Centralizing filtering..


On Mon, 10 Mar 2003, E.B. Dreger wrote:

> Now, how can we force that?  Sufficient reward for doing so, or
> pain for failure.  Evidently "some people can't reach you" isn't
> enough pain, and having full reachability isn't enough reward.

I think the only way that's relatively guaranteed to be effective is to 
move a critical resource (like the gtld-servers) into new IP blocks when

previously reserved blocks are assigned to RIR's.

I still have a couple hundred thousand IPs to check (I'm going to step
up
the pace and see if I can get through the list today), but I already
have
a list of several hundred IPs in networks that ignore 69/8.  The list
includes such networks as NASA, the US DoD, and networks in China,
Russia,
and Poland.  Those are just a few that I've done manual whois's for.

I haven't decided yet whether I'll send automated messages to all the 
broken networks and give them time to respond and fix their filters, or 
just post them all to NANOG when the list is complete.

Are people interested in seeing the full list (at least the ones I find)
of networks that filter 69/8?

Does Atlantic.Net get an ARIN discount for doing all this leg work? :)
 
----------------------------------------------------------------------
 Jon Lewis *[email protected]*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |  
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________