----- Original Message ----- From: "Peter van Dijk" <petervd@vuurwerk.nl> To: <nanog@merit.edu> Sent: Sunday, July 09, 2000 12:08 PM Subject: Re: No, ORBS is a good tool [WAS: Alright, ORBS sucks - next topic, please ;) [was RE: RBL-type BGPservice for known rogue networks?]]
We currently host the ORBS tester. We've had several incidents where traffic from our network to the NZ-based site (where the database and website run) dropped to a dead stop inside AboveNet space.
So their restrained the transit they sold... without notifying the contract holder I guess.
AboveNet has, at one time, blackholed our /24, including our nameservers, everywhere they could. This meant 30.000 domains were *unreachable* for abovenet customers.
The problem stems in the fact that Vixie and Rand, in their role as AboveNet staff, take it upon themselves to not only demand that ORBS not test their own network, but also that the tests do not pass their
routes. Two weeks ago our primary /24 got nullrouted inside AboveNet space without any prior communication from their side (no abuse-complaints, no mail to our uplinks, nothing), effectively blocking around 30,000 domains from being reachable.
As I stated in another email, indeed, AboveNet does not warn or complain. They just blackhole.
I took up communication with vixie, basically trying to get into some
of dialogue to get issues settled. The core of his reply is that he does not want to provide any information to ORBS to enable them to comply to his demands of ORBS tests not passing AboveNet transit and he demands
Well we cannot really oppose this, who on this list is providing access to the entire whole internet? Obviously not abovenet. If they want to deny traffic from the tester entering their network, why not. You should make sure that no other traffic (your business) is hurt by this. Why not setup an AS with a /24 and run the tester from there? Or several of them in diverse locations. transit form that
we take the testers offline. We're still pondering our options here. Silly as this entire venture is, we may not be able to afford losing routability for our customer base so we might actually have to give in to his demands.
Which would be a big bloody shame :(
Sure it would. It should be possible to avoid AboveNet though. Isolate the tester from your business and let him block the new /24 if he wants. And make sure that the facts are clearly explained on the web; your previous email was pretty clear I think.