ARIN Fraud Reporting Form ... Don't waste your time
David Miller
dmiller at tiggee.com
Fri Oct 1 20:32:34 UTC 2010
On 10/1/2010 2:17 PM, William Herrin wrote:
> On Fri, Oct 1, 2010 at 10:32 AM, David Miller<dmiller at tiggee.com> wrote:
>> I am merely refuting the statement, which I have heard many times in many
>> different forums, that ARIN (or any RIR) makes address allocations and then
>> walks away with no further active involvement in the use of these
>> allocations. This statement is simply not true.
> David,
>
> What *is* true is that ARIN's further involvement in the use of those
> allocations is regulated by the policies that you and I wrote and
> instructed ARIN to follow. Those policies include no actions to be
> taken when a hijacker announces routes contrary to ARIN's registry
> information. So long as ARIN's information has not been falsified,
> forcing or not forcing folks to obey it is left for the ISPs to
> resolve for themselves.
>
> Do you think ARIN should should act as a clearinghouse for action with
> respect to hijacked BGP announcements? Draft a policy proposal and
> post it on the PPML. If your colleagues agree with you, that will
> become one of ARIN's roles.
>
> Until then, you criticize ARIN unfairly for doing what you and I have
> told it to do.
>
> Regards,
> Bill Herrin
>
I apologize if I was unclear.
I stated in my first message regarding the possibility that RIRs could
delegate abandoned/hijacked space to provide reverse DNS answers - "This
is something that ARIN *could* easily do technically. Admittedly, this
would require reporting and investigation that I am uncertain whether or
not ARIN is empowered/funded to do. This would also require a process
be put in place for removing allocations from the delegation to the
unused/abandoned reverse DNS servers... " The word 'could' was chosen
by me instead of the word 'should' for a reason.
In my second message on this topic I in fact quoted the parts of ARIN's
Number Resource Policy Manual regarding POC and reverse DNS delegation
validation / removal.
I am well aware of ARIN's policies and the process for changing them.
To be clear, my point is merely that RIRs do not make address
allocations and then walk away with no day to day involvement with these
addresses on some technical level. To reiterate:
"The RIR's reverse DNS servers are queried all day every day for the
reverse DNS delegations for every netblock that they allocate. This
means that RIRs are, in at least this way, actively operationally
involved in the use of the allocations that they make. This also means
that an RIR has the technical vector to affect the active present use of
the allocations that they have made in the past."
This was meant in no way to criticize RIRs (or any RIR in particular) or
proscribe actions that I believe RIRs should take. This was meant to
correct anyone that incorrectly states that RIRs allocate addresses and
then walk away or do nothing but maintain whois records.
Reverse DNS delegation is a technical vector that could be used by RIRs
to affect the active present use of the allocations that they have made
in the past. I understand that reverse DNS would not affect route
announcements/hijacks, but it would/could/might affect spam coming from
these abandoned address spaces - which was the original topic for this
discussion.
I agree that little/nothing is proscribed for RIRs at a policy level.
The policies and procedures regarding this could be written. I agree
that these policies and procedures do not exist now.
-DM
More information about the NANOG
mailing list