Public shaming list for ISPs announcing other ISPs IP space by mistake

Thu Aug 14 14:56:58 UTC 2008

On Wed, Aug 13, 2008 at 05:14:43PM -0400, Patrick W. Gilmore wrote:
> Saying something is Operational (and on-topic for nanog) does not mean  
> you should de-peer them.

	If it's active and persistent, it would qualify as operational.
Then I can classify the risk.  I'm openly wondering if there should be
more aggressive "turn the bad stuff off" happening.

> That said, I will not stop you from de-peering a network who can't keep 
> its table clean.  Your network, your decision.

	I'm still seeing persistent leaks, generally over 10k/day that
are unresolved after a year of collecting this data.

> You wield a much bigger hammer than 99.999% of the people here, and you 
> know it.

	I'm not posting as my employer, nor purporting to represent them,
but at the same time, wonder what the impact would be if there were more
consistent actions taken by networks when there was badness,
either routing leak or otherwise.

> While I doubt "shame" will work in all but the most extreme cases, I  
> believe brokeness does, eventually have an impact.  Let's just hope that 
> impact is not blunted by (for instance) monopoly power, so that "voting 
> with your wallet" will force network to fix things.

	I certainly agree on the impact.  If there were clear
and predictable reactions to the brokeness, would people actually
take actions to repair the problem?  

	eg:

200.1.15.0/24	 2914 6762 27648 3561 5511 6505 27782

	What If I were to respond with a bgp notify (invalid as-path)
to 6762 when they send this route to 2914?  Doesn't matter if they're
a customer or a peer, i may not want to get 3561 routes from you.

> Just thought I'd say "BCP38" again.

Router#conf t
Router(config)#interface customer0/1
Router(config)# ip verify unicast source reachable-via rx

	- Jared

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.