RE: [lir-wg] AS Number Policy
At 11:22 AM 10-07-02 -0400, Lu, Ping wrote:
-----Original Message----- From: Berislav Todorovic [mailto:beri@kpnqwest.net] Sent: Wednesday, July 10, 2002 6:38 AM To: Hank Nussbacher Cc: Christopher Sharp; lir-wg@ripe.net Subject: Re: [lir-wg] AS Number Policy
On Wed, 10 Jul 2002, Hank Nussbacher wrote:
I'd like to make a suggestion. Since these ASNs and IP blocks are the property of the RIRs, and since organizations are cybersquatting on these resources why shouldn't these RIRs advertise these IP blocks and ASNs themselves and blackhole them to their routers?
I'd like to back this idea!
However, even if ICANN itself suddenly gets stroken by lightning of technical wisdom and starts announcing unused /8's - that won't prevent offenders from announcing more specific routes, will it? On the other hand, announcing /24's will really pollute the global routing table, which is big enough anyway.
I don't think to blackholing traffic is a good idea, especially when bandwidth means money in today's internet.
RIRs should publish a list to include all the offending prefixes and the major ISPs will be more than happy to apply the prefix filter to block transit to those prefixes. There is already an IANA bogon filter floating around.
As mentioned earlier by someone, I'd hate to get an ASN or IP block that happened to be in the past inside such a published list. You can bet that somewhere, someplace, sometime, such a filter list will not be updated and will end up blocking someone inadvertantly. -Hank
RIPE NCC could add a filter-set object, let's say FLTR-RIPE-RESERVED-IPV4 and ARIN should have a FLTR-ARIN-RESERVED-IPV4 object, APNIC also should have a FLTR-APNIC-RESERVED-IPV4 object. Then all major ISPs could apply these filter to block transit traffic for these prefixes.
Still, having a service like Paul Vixie's AS7777 would help a lot: an ISP willing to receive blackhole routes would bring a route server on their backbone, establish a peering session with "IANA blackhole AS" and use the routes to construct filters etc.
Regards, Beri
Blocking is a better idea than blackholing....
Ping Lu Cable & Wireless USA Network Tools and Analysis Group W: +1-703-292-2359 E: plu@cw.net
participants (1)
-
Hank Nussbacher