Do you have INOC-DBA set up? (was: Re: PCH.net questions and thoughts - Re: Prefix hijacking by AS20115)
Niels Bakker
niels=nanog at bakker.net
Tue Sep 29 15:44:32 UTC 2015
* jra at baylink.com (Jay Ashworth) [Tue 29 Sep 2015, 17:31 CEST]:
>The idea of a private tieline network that is connected, by SIP, to a line
>appearance in the NOC of each AS, and no one else is on it, seems like a
>fine idea to me.
Until you take into account that SIP doesn't work through many
firewalls, that people generally don't give a second thought to
timezones, that network engineers generally dislike having to mess
with voice systems, etc. etc.
2 out of 3 INOC-DBA calls I ever received were silent on their end
(presumably) due to firewalls; the third call was a test.
>And that was INOC-DBA's original goal, as I understand it:
>
>You're having a problem? It's coming from some specific AS?
>
>Pick up the phone, mash the red INOC line button, dial the AS
>number, and you're talking to their NOC.
>
>And that's *authenticated*: since it's low enough churn to set up
>by hand, it's authenticated by humans.
In other words, it wasn't secure, it wouldn't scale and churn killed it.
>Show of hands: who has it set up, correctly, right now?
No. There is nothing I'd do after receiving a phone call that I
wouldn't do via email anyway.
-- Niels.
More information about the NANOG
mailing list