Ettiquette and rules regarding Hijacked ASN's or IP space?

Joe Abley jabley at isc.org
Mon Jun 9 16:13:05 UTC 2003


On Monday, Jun 9, 2003, at 02:36 Canada/Eastern, John Brown wrote:

> RIR's are not and should not be in the business of dictating what
> goes into the routing table, or what label is used on what goes
> into the routing table.

Just the other day I heard of a new customer of an ISP in Toronto who 
had requested transit for particular blocks. The numbers in question 
were registered to a tyre company in South Africa, and were now in use 
by a hosting company based in Sacramento, who now wanted the block 
announced in Toronto.

The ISP in Toronto asked for an LOA, and got one, neatly presented on 
company letterhead, and accompanied by e-mail from the tech contact for 
the block confirming that the request to advertise the block was 
authorised.

Is that enough justification to perform the announcement? Where exactly 
should the line be drawn?

Someone made the point from the floor mike in Salt Lake City during the 
SBGP/SoBGP panel discussion that until there is an easy, manual way to 
answer the questions "should I accept this route from this AS" and 
"should I originate this route", no amount of crypto or automation is 
really going to help anything.

Maybe some service akin to a credit check is required.

   "Hello, I have a request to accept an announcement of 203.97.0.0/17 
from AS 4768."
   "That request is legitimate according to our records, here is your 
auth code."

   "Hello, my new customer with the following contact details has asked 
me to originate 203.167.0.0/18 from AS 9327."
   "We cannot confirm the legitimacy of that request, and the listed 
contact for 203.167.0.0/18 has been informed of your request."

   "Hello, my customer gave me the following pre-auth code together with 
a request to originate 203.97.128.0/17 on his behalf"
   "That pre-auth code matches the prefix, here is your auth code for 
this request."

Since the RIRs contain the information required to answer those 
questions, you'd expect them (or their data) to be involved in the 
process of answering them.


Joe




More information about the NANOG mailing list