Deciding whose network block is whose?
brad at b63695.student.cwru.edu
Mon Dec 29 23:40:36 UTC 1997
> When some random person decides to announce a subnet, what do providers
> accept as proof the person has authority to announce that subnet to the
> global Internet? Or the other side, when some random person calls up
> complaining that someone else is announcing a subnet without authorization
> what do providers accept as proof that the announcement is invalid?
> For example, lets say a difficult to reach ISP on the other side of the
> planet decided to announce a subnet DRA had assigned for use by one of our
> customers. Would major providers take my word a Hong Kong provider was
> wrong? Would major providers accept the registration information in WHOIS
> and/or IRR the network block had been delegated to me, and to no one else.
> Would major providers accept a statement from the APNIC that the HK ISP
> had never been delegated any part of the network block? What do you do
> when a major provider's front-line customer service personnel don't
> understand the problem, but says since the other person is a customer
> they have to believe them? Of course, the major provider can't get a
> hold of the customer either.
> Do providers normally just let customers announce any network, and only
> review things after receiving complaints. If so, how do such providers
> expect people to complain when one of their customers is causing problems.
> How many days, weeks, months is considered normal to reach a competent
> person at a major ISP that has the authority to block such a bogus
> announcement by one of their customers? Since some (one) major provider
> has a policy of not giving trouble ticket numbers when a non-customer
> calls, how much ruckus must be caused to get their management's attention?
We only accept announcements incoming from our customers which exactly
match the addresses they have given us as originating from their AS.
This is not a very pretty solution in that it requires our
customer to contact us any time they want to revise the routes that
they are announcing, but it does provide a human check against stupid
errors (or malicious intent).
brad at iagnet.net
More information about the NANOG