North American Network Operators Group

Re: Atrivo/Intercage: Now Only 1 Upstream

  • From: Lamar Owen
  • Date: Wed Sep 17 13:36:21 2008

On Wednesday 17 September 2008 12:55:49 Skywing wrote:
>> Lamar Owen Wrote:
>> Seems to me getting that IP space on a bogon list could be enough to make a
>> serious dent.

> Putting things in the automated bogon feeds (e.g. Team Cymru) that are not
> strictly bogons (unallocated addresses) is likely to very quickly erode
> trust in those services, if that is what you are suggesting.

Seems a similar topic has been here before... hrm... Yep, back around the 
first of August the subject came up of "Is it time to abandon bogon prefix 
filters?"  in which thread you (among many others) were a participant.  I 
don't have an archive link, sorry, since I used my personal archive of NANOG 
to find it.

Seems there are already trust, DoS, etc. issues out there, in spades.

But if someone wanted to do a 'badon' list and distribute in a similar 
fashion nothing is preventing folks from subscribing.  The various antispam 
DNSBLs have multiple feeds of different kinds; some enterprising soul could 
do the same for routing.  Will everyone do that?  Of course not; some will 
choose to not, others will simply not care, and others will just ignore.

Perhaps it could be called the wish-they-were-bogons list.  Then an 
I-really-wish-they-were-bogons list for just the more severe block.

The point made by Christopher Morrow is well taken:
> There's the additional issue of allowing a third party to
>manage/traffic-engineer inside your network which might upset some
>operations folks. If you can build a list on your own in a reasonable
>fashion with supporting information and high confidence level that's
>one story, if this list comes from "someone else" whom you don't even
>have a billing-relationship with... it's hard to sell that when
>something bad happens.
>
>Certainly not everyone feels this way (see 'popularity' of the
>existing RBL/xbl lists) but in a larger network, or one that makes
>money ...

Folks who use a DNSBL are already letting people in their network, in the 
e-mail sense at least (and some firewall interfaces to these lists).  Those 
same people would likely not have a problem with a wish-they-were-bogons 
list.

But, yeah, it's like chasing a weasel with an M134 with someone else aiming 
while you hold down the trigger.

For infrastructure notes, see Team Cymru's description page at 
http://www.team-cymru.org/Services/Bogons/routeserver.html

Seems easy enough to duplicate (of course, the devil is in the details, and 
nothing is as easy as it seems); and making the 'thing' 'do the right thing' 
is a matter of what routes are actually served by your route-servers.  
Perhaps a good use for that old Internet backbone router (or wannabe) that 
can no longer take a full BGP feed.