Proof of ownership; when someone demands you remove a prefix
SNaslund at medline.com
Tue Mar 13 18:58:32 UTC 2018
The fact that it is a newer customer would make me talk to the RIR direct and verify that a dispute is really in progress. I would also look at some looking glasses and see if the prefix is being announced elsewhere, if so that might indicate that your customer is indeed stepping on a legit owner. I would also make it clear to the new customer that they are on thin ice here to light a fire under their process. Let them know that it is up to them to convince you that they are the legit owner. No one wants to lose a customer but they are threatening your business and putting you in legal jeopardy if they are not legit.
>From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Sean Pedersen
>Sent: Tuesday, March 13, 2018 12:39 PM
>To: nanog at nanog.org
>Subject: RE: Proof of ownership; when someone demands you remove a prefix
>This is more or less the situation we're in. We contacted the customer and they informed us the matter is in dispute with the RIR and that their >customer (the assignee) is in the process of resolving the issue. We have to allow them time to accomplish this. I've asked for additional information >to help us understand the nature of the dispute. In that time we received another request to stop announcing the prefix(s) in addition to a new set of >prefixes, and a threat to contact our upstream providers as well as ARIN - which is not the RIR the disputed resources are allocated to.
>This is a new(er) customer, so there is some merit to dropping the prefix and letting them sort it out based on the current RIR contact(s). However, >there is obvious concern over customer service and dropping such a large block of IPs.
>I'm definitely leaning toward "let the customer (or customer's customer) and the RIR sort it out" if the POC validates the request weighed responsibly >against customer age. However, from a customer service perspective, I think we owe it to our customers to make sure a request is legitimate before we >knock them offline. With a limited toolset to validate that information, I can't help but feel conflicted.
>I appreciate all the feedback this thread has generated so far!
More information about the NANOG