On Mon, 28 Apr 2003, Jack Bates wrote:
Kai Schlichting wrote:
An example covering this exact case: 9.0.0.0/8 is such a space, owned by IBM.
Some illicit use documented at www.ris.ripe.net :
9.184.112.0/20 9.186.144.0/20 , both from AS 3786 (dacom.co.kr, bora.net) , since at least 2002/12/26.
IBM confirmed the bogosity of these announcements on 04/07, the routes got withdrawn on 04/14.
Actually, IBM confirmed that any announcements from 9/8 were guaranteed to be bogus. IBM uses 9/8 internally. They use NAT to convert 9/8 addresses back to routed addresses. One can imagine that IBM has a large internal network globally with interconnects to various partners. Yet many companies have found that utilization of NAT when communicating with the public networks is a sound addition to security.
Further to my earlier post.. a large global private network requiring unique space at many sites, they use 9/8 .. why not use 10/8 ??? (renumbering reasons aside that is!) Recall the counter argument from Stephen Sprunk was that it needed a per site allocation from a registry, and yet these guys are managing just fine without it! Steve
Private peering follows different rulesets than public. Many respectable organizations still don't understand that you can Peer privately without exporting each others advertisements in order to save expenditures to third parties when transiting traffic between the two networks. Security percautions are also treated different. What you would offer a partner sometimes exceeds the access you'd allow the public.
While there are benefits to registering space that isn't routed on the public network, such space needs to be declared as such. Until that time, people will continue to hijack those networks and use them for their own ends.
-Jack