North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Pitfalls of _accepting_ /24s

  • From: jlewis
  • Date: Thu Oct 16 19:01:54 2003

On the topic of announcing PA /24's, what procedures do you take to make
sure that a new customer who want's to announce a few PA (P being one or
more P's other than yourself) IP space is legit and should be announcing 
that IP space?  

I'm not sure what they do internally, but I know Sprint, C&W, UUNet,
Genuity, Level3, MFN and Broadwing will all comply with a customer's
request to route space with nothing in writing other than an email request
/ webform filled out / route objects properly setup.  A client multihomed
to a few of those providers (and who has a /24 from each provider) just
signed up with a 4th provider.  P4 wants an LOA on company letterhead from
each other P authorizing the client to announce those other P's /24's.

This is the first time I've ever heard of such precautions.  The client 
was really not ammused, but I explained that it's possible P4 (who has a 
rep for doing business with spammers) has gotten burned by customers 
announcing hijacked (or otherwise unauthorized) blocks and just wants to 
be extra careful now.

Personally, I just check whois, and if it looks legit, I'll listen to 
those routes and even create their route objects as necessary, since some 
of our upstreams require that.

----------------------------------------------------------------------
 Jon Lewis *[email protected]*|  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |  
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________