North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Deciding whose network block is whose?
- From: Geoff Huston
- Date: Mon Dec 29 20:01:53 1997
This is precisely what I was on about in the not-the-iepg meeting prior
to the last IETF - there is no current workable mechanisms for a provider
to validate a customer's request to route an address block in
a manner which would permit automation of the request and
I am looking to the regional registeries to take some level of initiative
and provide clients of their address allocation service the ability to
sign the allocation and then the client can sign the routing request to the
provider which the provider can verify against the regional registry.
We went through this in discussion in the room at the time and it
looked like a viable and useful approach.
At 09:17 AM 12/29/97 -0600, Sean Donelan wrote:
>When some random person decides to announce a subnet, what do providers
>accept as proof the person has authority to announce that subnet to the
>global Internet? Or the other side, when some random person calls up
>complaining that someone else is announcing a subnet without authorization
>what do providers accept as proof that the announcement is invalid?
>For example, lets say a difficult to reach ISP on the other side of the
>planet decided to announce a subnet DRA had assigned for use by one of our
>customers. Would major providers take my word a Hong Kong provider was
>wrong? Would major providers accept the registration information in WHOIS
>and/or IRR the network block had been delegated to me, and to no one else.
>Would major providers accept a statement from the APNIC that the HK ISP
>had never been delegated any part of the network block? What do you do
>when a major provider's front-line customer service personnel don't
>understand the problem, but says since the other person is a customer
>they have to believe them? Of course, the major provider can't get a
>hold of the customer either.
>Do providers normally just let customers announce any network, and only
>review things after receiving complaints. If so, how do such providers
>expect people to complain when one of their customers is causing problems.
>How many days, weeks, months is considered normal to reach a competent
>person at a major ISP that has the authority to block such a bogus
>announcement by one of their customers? Since some (one) major provider
>has a policy of not giving trouble ticket numbers when a non-customer
>calls, how much ruckus must be caused to get their management's attention?
>This can cause partial network outages lasting weeks in some cases. I
>hate the idea of needing to resort to things like filing formal criminal
>complaints because of the dumb management policy at a major provider, but
>it has been required in some other industries these providers operate
>in. Slamming is a prohibited practice for long distance carriers, and
>the customer can more or less easily get their phone number switched back
>to their original provider. How does a customer do the same thing when
>their IP network block gets slammed by another provider, or a customer
>of another provider?
>There seem to be major problems with several of the widely referred to
>network registration databases. I see Telstra (AS1221) is once again,
>Dec 29, 1997, announcing 184.108.40.206/24. While its possible that General
>Electric has an office in Australia, it seems an odd announcement. Other
>than Sprint's global default for 0/1 (and then SPRINT has the nerve to
>complain when people point default at them) there is no information in
>the IRR about valid origin ASNs for Net 3/8. Although Mr. Bono spoke
>up about some of GE's activities, other than James C. Shearer, who would
>have authority over subnets from network 3/8? And what to do when the
>listed contact has left, or worse is a generic position name (e.g.
>hostmaster@ or noc@).
>Even going by company names isn't enough, because some companies have
>very similar names, are merged, unmerged, sliced and diced. For example,
>the various companies have "Data Research" in their name, but have
>nothing to do with DRA. Nor is the DRA in the UK isn't affliated with
>the DRA in the USA.
>Network blocks delegated to non-ISPs were fairly easy, because it is
>uncommon to see subdelegations. But if you look at net 12/8 (AT&T),
>customer subnets are appearing in announcements from other providers.
>How do you decide when network blocks can be delegated, or not? In
>net 12/8 case, the WHOIS database lists some delegations, but the IRR
>shows different ones.
>But with CIDR it is even complicated figuring out what type of delegation
>was done for subnets. Take the case of 220.127.116.11 which is from a
>network block delegated to MCS. The history of this block is a bit odd.
>It appears the block 18.104.22.168/16 was first delegated on March 15, 1995
>to NET99. On March 29, 1995 22.214.171.124/18 was delegated to MCS. At
>some point later the delegation for 126.96.36.199/16 was deleted, and AGIS
>was delegated 188.8.131.52/18 and 184.108.40.206/17. Something funny
>happened to the database, because now MCS's registration date is
>March 29, 2019 (a Y2000 problem?). MCS registered a portion of their
>CIDR block in the IRR(MCI), 220.127.116.11/19. Goodnet registered an
>IRR(RADB) entry for 18.104.22.168/18. AGIS and PSI have overlapping
>registrations in the IRR(RADB) for 22.214.171.124/16. And, of course,
>there is the Sprint global default route in the IRR(RADB) for 192/2.
>Karl complained about AGIS announcing 126.96.36.199/24, but not about
>188.8.131.52/24 which is also being announced by AGIS.
>How do you tell the difference between a customer trying to move a
>delegated network address when switching providers, and someone whose
>announcement would cause problems.
>The problem of bogus routing has been getting worse. Is it going to
>take a disaster to get the attention of various provider's management?
>Sean Donelan, Data Research Associates, Inc, St. Louis, MO
> Affiliation given for identification not representation
Mailto: firstname.lastname@example.org Technology Manager , Telstra Internet
Phone: +61 2 6208 1908
PGP public key: http://pgp.ai.mit.edu:email@example.com
See you at INET'98, Geneva 21-24,July 98 http://www.isoc.org/inet98/