Ettiquette and rules regarding Hijacked ASN's or IP space?
jlewis at lewis.org
jlewis at lewis.org
Mon Jun 9 16:53:52 UTC 2003
On Mon, 9 Jun 2003, Joe Abley wrote:
> The ISP in Toronto asked for an LOA, and got one, neatly presented on
> company letterhead, and accompanied by e-mail from the tech contact for
> the block confirming that the request to advertise the block was
> Is that enough justification to perform the announcement? Where exactly
> should the line be drawn?
Unfortunately, probably not. How do they know it was company letterhead?
Had they ever seen the company's letterhead before? How do they know I
didn't just create that LOA and letterhead in OpenOffice?
> Maybe some service akin to a credit check is required.
> "Hello, I have a request to accept an announcement of 184.108.40.206/17
> from AS 4768."
> "That request is legitimate according to our records, here is your
> auth code."
Trouble is, how do you/they know if both the space and ASN have been
> "Hello, my new customer with the following contact details has asked
> me to originate 220.127.116.11/18 from AS 9327."
> "We cannot confirm the legitimacy of that request, and the listed
> contact for 18.104.22.168/18 has been informed of your request."
The listed contact may not be who ARIN [or other local RIR] thinks it is.
> Since the RIRs contain the information required to answer those
> questions, you'd expect them (or their data) to be involved in the
> process of answering them.
They really don't. Thus far, when space is assigned, the RIRs have no way
to later authenticate that an organization using the space is the same one
that they assigned it to.
As for the current state of BGP authentication/sanity checking, I can say
2 of my 4 upstreams take whatever I put in the routing registry. The
other two require an email be sent requesting prefix filter updates. I
was just told by one, that they'll accept whatever I request, only
questioning it if someone complains to them about it. The other, I
haven't asked, but I assume they work similarly. On the bright side, all
of them are at least filtering.
Jon Lewis *jlewis at lewis.org*| I route
System Administrator | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG