On the topic of announcing PA /24's, what procedures do you take to make sure that a new customer who want's to announce a few PA (P being one or more P's other than yourself) IP space is legit and should be announcing that IP space? I'm not sure what they do internally, but I know Sprint, C&W, UUNet, Genuity, Level3, MFN and Broadwing will all comply with a customer's request to route space with nothing in writing other than an email request / webform filled out / route objects properly setup. A client multihomed to a few of those providers (and who has a /24 from each provider) just signed up with a 4th provider. P4 wants an LOA on company letterhead from each other P authorizing the client to announce those other P's /24's. This is the first time I've ever heard of such precautions. The client was really not ammused, but I explained that it's possible P4 (who has a rep for doing business with spammers) has gotten burned by customers announcing hijacked (or otherwise unauthorized) blocks and just wants to be extra careful now. Personally, I just check whois, and if it looks legit, I'll listen to those routes and even create their route objects as necessary, since some of our upstreams require that. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________