Security issues based on post RIR allocation rules

Spurling, Shannon shannon at more.net
Tue Dec 11 15:31:38 UTC 2018


Hey, I lurk a bit, and try to stay out of stuff if I can, but I've had a bout of problems that appear to have a common source.
I work in the Educational networking area, and a lot of our members are pre-RIR formation internet users. They have IP ranges that were allocated from the 150/8 through 170/8 blocks. Unfortunately, a bunch of those are part of the legacy ranges handled by APNIC and AFRINIC. Here in the US, mention of either of those makes security people have dreams of Nigerian princes and Korean/Chinese hackers.

Don't get me wrong, these are long term US based governmental and educational institutions. Bonified, accredited institutions. When I call a health care organization, or a web hosting provider, the first thing I get is that they think we are trying to pull one over on them and all these ranges must be in Africa or Asia. I show them the ARIN information for the specific /16, and sometimes I can make some headway. Sometimes there's no convincing them. This issue appears to be getting worse over time, so I was wondering if some misguided organization or group is going around pressing for the rules that are triggering these issues? Is there a public information forum that might be able to educate security administrators to not cut off wide swaths of the US internet from taking advantage of their products and services?

It's very frustrating

Thanks

Shannon Spurling

shannon at more.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20181211/a383e4bd/attachment.html>


More information about the NANOG mailing list