On Wed, 13 Mar 2002, Philip Smith wrote:
Kurt, check out http://www.apnic.net/meetings/13/sigs/routing/index.html - Geoff Huston proposed a mechanism for exactly what you are asking... Action item on me (as Routing SIG chair) to talk to APNIC/ARIN/RIPENCC... Shouldn't be hard to set up a simple system which people can get an eBGP-multihop feed listing the unused addresses.
There are two problems from my personal PoV:

a) administrative overhead of multiple eBGP feeds. (I mention this for completeness)

b) Loss of the service in the midst of a DoS attack.

With (b), if you are depending on the service to protect yourself from spoofed IP attacks apparently originating from unused space, then an attack focused on the distribution channel (i.e., router at each end, or transit in-between) may open you up to the attack you are supposedly protecting yourself against.

The distribution channel attack may also take the form of impersonating the RIR end of the eBGP feed, as could happen with any unsecured (e)BGP connection (the information is only as good as the method used to get it).

Randy's point about liability is well taken. Any such service would be intended for use as informational only. What you do with such information is your problem, and not that of the Registry.

From a technical perspective, providing the same information in RBL-style DNS zones is also doable in addition to/instead of eBGP. Retrieving the information in the first place is simple, deciding how to distribute it is another matter ;)

Regards,

--
Bruce Campbell
Systems/Network Engineer
RIPE NCC Operations
www.ripe.net - PGP562C8B1B
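Added example, not part of the original message or of any registry's service: a consumer of an unused-address list that keeps its last good copy when the distribution channel is lost (problem (b) above), plus the query-name construction an RBL-style DNS zone would use. The zone name, class name, and sample prefix are assumptions made up for illustration.

```python
import ipaddress

ZONE = "unused.example.invalid"  # hypothetical zone name (assumption)

def rbl_qname(ip, zone=ZONE):
    """Build an RBL-style query name: IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

class UnusedSpaceFilter:
    """Last-known-good copy of an unused-address list.

    A failed refresh keeps the previous data, so losing the distribution
    channel mid-attack does not silently empty the filter.
    """

    def __init__(self, max_age):
        self.max_age = max_age      # seconds before the copy counts as stale
        self.prefixes = []
        self.fetched_at = None

    def refresh(self, fetch, now):
        """fetch() returns prefix strings or raises OSError when unreachable."""
        try:
            new = [ipaddress.ip_network(p) for p in fetch()]
        except (OSError, ValueError):
            return False            # feed down or malformed: keep old list
        if not new:
            return False            # an empty answer is treated as a failure
        self.prefixes, self.fetched_at = new, now
        return True

    def is_stale(self, now):
        """True when the copy is old enough that an operator should review it."""
        return self.fetched_at is None or now - self.fetched_at > self.max_age

    def is_unused(self, src):
        addr = ipaddress.ip_address(src)
        return any(addr in net for net in self.prefixes)

if __name__ == "__main__":
    f = UnusedSpaceFilter(max_age=86400)
    # Constructed sample: a documentation prefix stands in for unused space.
    f.refresh(lambda: ["192.0.2.0/24"], now=0)
    def feed_down():
        raise OSError("feed unreachable")
    f.refresh(feed_down, now=3600)
    print(rbl_qname("192.0.2.55"), f.is_unused("192.0.2.55"), f.is_stale(3600))
```

Keeping the last good list covers loss of the channel only; it does nothing against an impersonated feed, which needs an authenticated session. A stale copy can also keep filtering space that has since been allocated, which is why `is_stale` is exposed for operator review.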