de-peering for security sake

Colin Johnston colinj at gt86car.org.uk
Wed Jan 20 08:17:02 UTC 2016


cats are nice

colin

Sent from my iPhone

> On 19 Jan 2016, at 15:12, "Michael O'Connor" <moc at es.net> wrote:
> 
> Why do we believe network administrators can advocate perfectly for
> customer access?
> I couldn't control my own children's access without making us all
> miserable.
> 
> Nation state access control in a free country at the network layer is bound
> to fail, way too many cats to herd.
> 
> 
> 
>> On Mon, Jan 18, 2016 at 2:31 PM, <bzs at theworld.com> wrote:
>> 
>> 
>> On January 18, 2016 at 00:21 Valdis.Kletnieks at vt.edu (
>> Valdis.Kletnieks at vt.edu) wrote:
>>> On Sun, 17 Jan 2016 19:39:52 -0500, bzs at theworld.com said:
>>>> How about if backed by an agreement with the 5 RIRs stating no new
>>>> resource allocations or transfers etc unless a contract is signed and
>>>> enforced? Or similar.
>>> 
>>> Then they'd just resort to hijacking address space.
>>> 
>>> Oh wait, they already do that and get away with it....
>> 
>> I think we're talking about two different problems, both valid.
>> 
>> One is legitimate operators who probably mostly want to do the right
>> thing but are negligent, disagree (perhaps with many one this list) on
>> what is an actionable problem, etc.
>> 
>> The other are those actors prone to criminality.
>> 
>> I was addressing the first problem though I'd assert that progress on
>> the first problem would likely yield progress on the second, or
>> cooperation anyhow.
>> 
>>> 
>>> (And a threat of withholding IP address space from long-haul providers
>> isn't as
>>> credible - they have much less need for publicly routed IP addresses
>> than
>>> either eyeball farms or content farms, so you'll have to find some
>> other way to
>>> motivate them to not accept a hijacked route announcement...)
>>> 
>> 
>> No man is an island entire of himself -- John Donne.
>> 
>> First one has to agree to the concept of creating a network based on
>> contractual agreements.
>> 
>> I gave some examples of how to encourage actors to enter into those
>> contracts, my list wasn't intended to be exhaustive, it was intended
>> to be an existence proof, some pressure points exist and are easy to
>> understand even if not complete.
>> 
>> Besides, why make the perfect the enemy of the good? If many, perhaps
>> not all (or not at first), agreed to a common set of contractual
>> obligations that would be progress, no?
>> 
>> Is there even a document which describes what a "hijacked" net block
>> is and why it is bad? Obvious? No, it is not obvious. The best one can
>> say is there exist obvious cases.
>> 
>> --
>>        -Barry Shein
>> 
>> Software Tool & Die    | bzs at TheWorld.com             |
>> http://www.TheWorld.com
>> Purveyors to the Trade | Voice: +1 617-STD-WRLD       | 800-THE-WRLD
>> The World: Since 1989  | A Public Information Utility | *oo*
>> 
> 
> 
> 
> -- 
> Michael O'Connor
> ESnet Network Engineering
> moc at es.net
> 631 344-7410



More information about the NANOG mailing list