Public shaming list for ISPs announcing other ISPs IP space by mistake
David Freedman
david.freedman at uk.clara.net
Fri Aug 15 14:49:46 UTC 2008
Danny McPherson wrote:
>
> On Aug 14, 2008, at 1:09 PM, Jared Mauch wrote:
>>
>> You're missing a step:
>>
>> janitor.
>>
>> No really, the reason for some leaks isn't because so-and-so was
>> never a customer, they were. 5 years ago. nobody removed the routes
>> from
>> the IRR or AS-SET or <insert method here> and now the route is learned
>> via
>> some other location and it's bypassed your perimiter security and
>> infiltrated your BGP.
>
> I agree, how many of you folks that use IRRs have
> ever deleted an IRR object? Heck, some ISPs even
> add them based on existence of advertised routes.
Agree, IRR objects do get dirty and require cleaning up,
The company I work for makes a good effort at this which
starts by measuring how dirty they are:
http://noc.eu.clara.net/routing.php
The problem is caused by a combination of both us and our downstreams
not cleaning properly.
Over the past few months I've been working on a personal project to
clean our IRR objects by making the system which generates them talk
closer to the system which bills people. (*)
Part of this work has meant going through the pain of providing an
internal WHOIS service since we decided that it was the best way of
storing data without re-inventing the wheel.
This said, if you are not using IRR (at least for your customers) then
PLEASE START DOING SO, you'll have plenty of time to worry about keeping
it up to date once you can get you or your organisation to grips with it.
Dave.
* if you are interested you can compare AS-CLARANET macro in the ripedb
with AS-CLARANET macro in the ripe testdb (test-whois.ripe.net), This
object will launch in the next few weeks.
>
> -danny
>
>
More information about the NANOG
mailing list