common checks performed when passing on an IPv4 PA allocation from one end-customer to another

Martin T m4rtntns at gmail.com
Tue Apr 28 09:32:05 UTC 2015


Hi,

as far as I know, some large US Internet companies like Google,
Facebook or Amazon restrict access to some services for certain
regions like Crimea or countries like Iran or North Korea. Do they
rely on services like MaxMind? Or do they use some other method to
check the geographical location of IP address? If yes, then is there
an API to check if an address is allowed to use Google, Facebook, etc
services or not?


thanks,
Martin

On 9/17/13, Martin T <m4rtntns at gmail.com> wrote:
> Hi,
>
> when one end-customer has been using for example /24 IPv4 allocation
> for a while and returns this(for example changes an ISP) to LIR, then
> are there some good practices before handing out this same /24 to a
> new customer? I guess LIR should:
>
> 1) remove all the DNS PTR records, classless of classful delegations
> 2) check if some of the IP addresses are in DNSBL(maybe the previous
> customer was a spammer). Example with 93.184.216.0/24:
>
> $ for ip in {0..255}.216.184.93;\
>> do for addr in \
>> cbl.abuseat.org \
>> dnsbl.inps.de \
>> no-more-funn.moensted.dk \
>> dnsbl.sorbs.net \
>> bl.spamcannibal.org \
>> bl.spamcop.net \
>> psbl.surriel.com \
>> dnsrbl.swinog.ch; \
>> do dig @8.8.8.8 "$ip"."$addr" +short | grep -q "^127.0.0." && \
>> echo "DNSBL-Alarm: $ip is listed on $addr"; done; done
> $
>
>
> Anything else?
>
>
> regards,
> Martin
>



More information about the NANOG mailing list