[NANOG] fair warning: less than 1000 days left to IPv4 exhaustion

• Previous message (by thread): [NANOG] fair warning: less than 1000 days left to IPv4 exhaustion
• Next message (by thread): [NANOG] fair warning: less than 1000 days left to IPv4 exhaustion
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Suresh Ramasubramanian wrote:
> Let's think smaller. /16 shall we say?
> 
> Like the /16 here.  Originally the SRI / ARPANET SF Bay Packet Radio
> network that started back in 1977.  Now controlled by a shell company
> belonging to a shell company belonging to a "high volume email
> deployer" :)
> 
> http://blog.washingtonpost.com/securityfix/2008/04/a_case_of_network_identity_the_1.html

Which leads me to ask an OT but slightly related question.  How do other 
SPs handle the blacklisting of ASNs (not prefixes but entire ASNs).  The 
/16 that Suresh mentioned here is being originated by a well-known spam 
factory.  All prefixes originating from that AS could safely be assumed 
to be undesirable IMHO and can be dropped.  A little Googling for that 
/16 brings up a lot of good info including:

http://groups.google.com/group/news.admin.net-abuse.email/msg/5d3e3f89bb148a4c

Does anyone have any good tricks for filtering on AS path that they'd 
like to share?  I already have my RTBH set up so setting the next-hop 
for all routes originating from a given ASN to one of my blackhole 
routes (to null0, a sinkhole or srubber) would be ideal.  Not accepting 
the route period and letting uRPF drop traffic would be ok too.

Justin

• Previous message (by thread): [NANOG] fair warning: less than 1000 days left to IPv4 exhaustion
• Next message (by thread): [NANOG] fair warning: less than 1000 days left to IPv4 exhaustion
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]