Home page logo
/

nanog logo nanog mailing list archives

Re: Ettiquette and rules regarding Hijacked ASN's or IP space?
From: Joe Abley <jabley () isc org>
Date: Mon, 9 Jun 2003 12:13:05 -0400



On Monday, Jun 9, 2003, at 02:36 Canada/Eastern, John Brown wrote:

RIR's are not and should not be in the business of dictating what
goes into the routing table, or what label is used on what goes
into the routing table.

Just the other day I heard of a new customer of an ISP in Toronto who had requested transit for particular blocks. The numbers in question were registered to a tyre company in South Africa, and were now in use by a hosting company based in Sacramento, who now wanted the block announced in Toronto.

The ISP in Toronto asked for an LOA, and got one, neatly presented on company letterhead, and accompanied by e-mail from the tech contact for the block confirming that the request to advertise the block was authorised.

Is that enough justification to perform the announcement? Where exactly should the line be drawn?

Someone made the point from the floor mike in Salt Lake City during the SBGP/SoBGP panel discussion that until there is an easy, manual way to answer the questions "should I accept this route from this AS" and "should I originate this route", no amount of crypto or automation is really going to help anything.

Maybe some service akin to a credit check is required.

"Hello, I have a request to accept an announcement of 203.97.0.0/17 from AS 4768." "That request is legitimate according to our records, here is your auth code."

"Hello, my new customer with the following contact details has asked me to originate 203.167.0.0/18 from AS 9327." "We cannot confirm the legitimacy of that request, and the listed contact for 203.167.0.0/18 has been informed of your request."

"Hello, my customer gave me the following pre-auth code together with a request to originate 203.97.128.0/17 on his behalf" "That pre-auth code matches the prefix, here is your auth code for this request."

Since the RIRs contain the information required to answer those questions, you'd expect them (or their data) to be involved in the process of answering them.


Joe


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault