Announcement of Experiments

nanog at jima.us nanog at jima.us
Mon May 2 18:50:48 UTC 2022


The real question is, does this follow "good research practice?" The responses on this list would suggest "no."

FWIW: https://intra.kth.se/en/forskning/overgripande-stod/etik-och-god-forskni/avvikelse-fran-god-forskningssed-1.1112846

- Jima

From: NANOG <nanog-bounces at nanog.org> On Behalf Of Tom Beecher
Sent: Monday, May 2, 2022 13:41
To: Lars Prehn <[redacted]>
Cc: NANOG <nanog at nanog.org>
Subject: Re: Announcement of Experiments

Short Disclaimer: I frequently use the PEERING testbed myself, so I'm
genuinely interested in where and why people draw the boundary of what's
fine and what's not.

Fine : Experimentation. 

Not fine : Experimentation with number or ASN resources that are not yours without prior permission. 

The operations and engineering staff at my company should not have to trace down why one of our ASNs is suddenly announcing space that is not ours , and that is coming from a network that isn't under our control.  


On Mon, May 2, 2022 at 2:07 PM Lars Prehn <[redacted]> wrote:
Short Disclaimer: I frequently use the PEERING testbed myself, so I'm 
genuinely interested in where and why people draw the boundary of what's 
fine and what's not.

Iirc., the route collectors see a (drastically varying) number of 
poisoned routes (assuming everything within a loop is poisoning) in the 
DFZ at any point in time, affecting a (drastically varying) number of 
ASNs, prefixes, and paths. So why would you expect this experiment to be 
noticeable at all---I mean, compared to the day-to-day, "1% of the 
Internet is beyond broken and does Yolo things" noise? Very similar 
experiments have run in the past (e.g., [1] in 2018); did you notice them?

Would poisoning be tolerated if the PEERING testbed would be, e.g., some 
security-obsessed org that wants to avoid that your infrastructure 
touches any of its precious packets during the forwarding process? I 
guess what I want to figure out is: Is it the intention behind the 
poisoning experiments that bothers people or is the act of poisoning 
itself?

Kind regards,
Lars

[1] https://arxiv.org/pdf/1811.03716.pdf

On 02.05.22 16:33, Raymond Dijkxhoorn via NANOG wrote:
> Hi!
>
>> > If I am interpreting this correctly that you are just going to yolo a
>> > bunch of random ASNs to poison paths with, perhaps you should consider
>> > getting explicit permission for the ASNs you want to use instead.
>> >
>> > A lot of operators monitor the DFZ for prefixes with their ASN in the
>> > path, and wouldn't appreciate random support tickets because their NOC
>> > got some alert. :)
>
>> Exatly that. How about you ask people to OPT-IN instead of you wanting
>> people to OPT-OUT of whatever experiment you feel you need to do with
>> other people's resources.
>
>> When you the last time you asked the entire internet?s  permission to 
>> announce routes ?
>
> I dont exactly understand what you try to say its not about the route 
> its about the path.
>
> If the insert 'my ASN' i certainly will complain wherever i can and no 
> i will not opt out from that. I will assume they just do use my ASN. 
> Weird thought?
>
> Bye, Raymond


More information about the NANOG mailing list