On Thu, 24 Mar 2005, Christopher L. Morrow wrote:
is arin the problem here? or are 'lazy'/'dumb'/'mistaken'/'poorly informed' admins the problem?
Lazy/misguided/ex admins / downsized networks are the problem. ARIN is in a unique position to be able to do something to at least try to mitigate the problem without too much effort before handing "damaged IP space" out to members. The current situation frustrates those who don't know what to do, and encourages them to look elsewhere for the IP space they need.
I think it's important to remember the "lazy/dumb/mistaken/poorly informed" folk alluded to above are NOT the ones receiving IP address space, but people elsewhere in (and all over) the world.
of course, I should have been more clear, sorry :)
That was totally clear to me. It's the people who set and forget about (or set and get laid off) bogon packet/route filters that have caused this problem. The unfortunate thing is that they don't seem to learn from their mistakes. Each time a new /8 goes from bogon to RIR assigned, the end users of those new allocations end up dealing with the same problems each former bogon /8 did before them. How many times does a network have to be contacted by users of 69/8, 70/8, 71/8, before they stop and think "hey, maybe these static bogon filters weren't such a great idea...how about we just scrap them?"...or maybe its just that new static bogon filters are being put in place and forgotten...so a network that didn't have bogon filters when 69/8 went into use does now.
The idea of ARIN temporarily lighting address space in any new block, and providing a test target is reasonable, relatively inexpensive and sensible.
this requires the above lazy/dumb/mistaken/poorly-informed masses to want to hit the targets as well, eh? :(
Exactly why even though it may help a little, it's not a solution. The solution has to be more active (vs passive). Setup something in that new IP space, and do reachability testing (or let others do it as RIPE has done). That's quite a bit more involved than just setting up a host and saying "hey, ping this", but how else are you going to know where the filters are? If ARIN did this, they could setup something very similar to what I did on 69box, and have a "hall of shame" page listing the networks (IPs) unreachable from the new space, but reachable from older space. At least then members given former bogon IP blocks could go to that page, see if there are any networks listed that they might care about reachability to, and try to make contact themselves with those networks they care about in order to get their bogon issues resolved. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________