Deciding whose network block is whose?

Justin W. Newton justin at
Mon Dec 29 17:01:55 UTC 1997

Priori networks requires any customer who wants to announce a route to us
via BGP, or wants us to announce a route via BGP for them to have the
proper contact information available via rwhois at either the internic
(ARIN now I suppose), RIPE, or APNIC.  We filter all incoming routing
announcements from customers by prefix.  We have not yet had a problem
where someone has called and said we were announcing their block, so I
cannot tell you for certain what the resolution time for such an issue
would be.

At 09:17 AM 12/29/97 -0600, Sean Donelan wrote:
>When some random person decides to announce a subnet, what do providers
>accept as proof the person has authority to announce that subnet to the
>global Internet?  Or the other side, when some random person calls up
>complaining that someone else is announcing a subnet without authorization
>what do providers accept as proof that the announcement is invalid?
>For example, lets say a difficult to reach ISP on the other side of the
>planet decided to announce a subnet DRA had assigned for use by one of our
>customers.  Would major providers take my word a Hong Kong provider was
>wrong?  Would major providers accept the registration information in WHOIS
>and/or IRR the network block had been delegated to me, and to no one else.
>Would major providers accept a statement from the APNIC that the HK ISP
>had never been delegated any part of the network block?  What do you do
>when a major provider's front-line customer service personnel don't
>understand the problem, but says since the other person is a customer
>they have to believe them?  Of course, the major provider can't get a
>hold of the customer either.
>Do providers normally just let customers announce any network, and only
>review things after receiving complaints.  If so, how do such providers
>expect people to complain when one of their customers is causing problems.
>How many days, weeks, months is considered normal to reach a competent
>person at a major ISP that has the authority to block such a bogus
>announcement by one of their customers?  Since some (one) major provider
>has a policy of not giving trouble ticket numbers when a non-customer
>calls, how much ruckus must be caused to get their management's attention?
>This can cause partial network outages lasting weeks in some cases.  I
>hate the idea of needing to resort to things like filing formal criminal
>complaints because of the dumb management policy at a major provider, but
>it has been required in some other industries these providers operate
>in.  Slamming is a prohibited practice for long distance carriers, and
>the customer can more or less easily get their phone number switched back
>to their original provider.  How does a customer do the same thing when
>their IP network block gets slammed by another provider, or a customer
>of another provider?
>There seem to be major problems with several of the widely referred to
>network registration databases.  I see Telstra (AS1221) is once again,
>Dec 29, 1997, announcing  While its possible that General
>Electric has an office in Australia, it seems an odd announcement.  Other
>than Sprint's global default for 0/1 (and then SPRINT has the nerve to
>complain when people point default at them) there is no information in
>the IRR about valid origin ASNs for Net 3/8.  Although Mr. Bono spoke
>up about some of GE's activities, other than James C. Shearer, who would
>have authority over subnets from network 3/8?  And what to do when the
>listed contact has left, or worse is a generic position name (e.g.
>[email protected] or [email protected]).
>Even going by company names isn't enough, because some companies have
>very similar names, are merged, unmerged, sliced and diced. For example,
>the various companies have "Data Research" in their name, but have
>nothing to do with DRA.  Nor is the DRA in the UK isn't affliated with
>the DRA in the USA.
>Network blocks delegated to non-ISPs were fairly easy, because it is
>uncommon to see subdelegations.  But if you look at net 12/8 (AT&T),
>customer subnets are appearing in announcements from other providers.
>How do you decide when network blocks can be delegated, or not?  In
>net 12/8 case, the WHOIS database lists some delegations, but the IRR
>shows different ones.
>But with CIDR it is even complicated figuring out what type of delegation
>was done for subnets.  Take the case of which is from a
>network block delegated to MCS.  The history of this block is a bit odd.
>It appears the block was first delegated on March 15, 1995
>to NET99.  On March 29, 1995 was delegated to MCS.  At
>some point later the delegation for was deleted, and AGIS
>was delegated and  Something funny
>happened to the database, because now MCS's registration date is
>March 29, 2019 (a Y2000 problem?).  MCS registered a portion of their
>CIDR block in the IRR(MCI),  Goodnet registered an
>IRR(RADB) entry for  AGIS and PSI have overlapping
>registrations in the IRR(RADB) for  And, of course,
>there is the Sprint global default route in the IRR(RADB) for 192/2.
>Karl complained about AGIS announcing, but not about
> which is also being announced by AGIS.
>How do you tell the difference between a customer trying to move a
>delegated network address when switching providers, and someone whose
>announcement would cause problems.
>The problem of bogus routing has been getting worse.  Is it going to
>take a disaster to get the attention of various provider's management?
>Sean Donelan, Data Research Associates, Inc, St. Louis, MO
>  Affiliation given for identification not representation

Justin W. Newton                        voice: +1-650-482-2840 	
Senior Network Architect                  fax: +1-650-482-2844
Legislative and Policy Director, ISP/C
"The People You Know.  The People You Trust."

More information about the NANOG mailing list