I haven't followed this entire string. Are you saying ARIN is repeatedly handing out address space to known abusers? If that's the case then yes, some form of policy should be worked on. If on the administrative level ARIN is not researching returned blocks for abuse complaints and working to clean them up, then...I suppose policy could be proposed. I'm just not sure if that's really where the brunt of assignments to abusers is happening.
From experience I learned the most effective place for abuse stopping is at the network level. Back in 2001 my network had serious problems with this. Making a sale was more important than ensuring abuse didn't occur. However, I worked to install a policy that required customer review before assigning them address space. If public records showed abuse (which was really easy to find) or public records showed a business model that would be really only something leading to abuse complaints then engineering had the veto power to not permit the potential customer onto our network. We managed to go from allot of abuse to essentially zero in 1 year. Then we worked to clean up the damaged blocks.
Granted, if a network or company goes out of business they wont care if the addresses are clean when they return them to ARIN. So maybe this is where some proposal could focus. Also, if this is a case where an entity is able to qualify for direct ARIN allocations and they are habitual at turning over because their business is essentially abusing the network, then policy could focus there as well. Its easy to create a new company name, but from experience the owners name still stays the same for the most part, so a review of the company before allocation would catch that. In reality, we would all benefit if policy to stop it before it happens and policy to clean it up before reissuing existed at the registry and the network level. It would be interesting to see what legal and staff would have to say about taking those types of measures. Controlling this type of abuse and the clean up of it is one of the older arguments for not permitting just anyone direct allocations from ARIN. Abuse and clean up is better managed and cared for at the larger Network levels. Im not looking to open a debate on this last comment. ;o) Its just something that popped into my head as to one of the explanations for why specific levels of qualifications for direct allocations from ARIN existed with IPv4. My 2cents. sorry if it seemed long Cheers, Marla Azinger Frontier Communications Sr Data Engineer -----Original Message----- From: Christopher Morrow [mailto:morrowc.lists@gmail.com] Sent: Monday, September 14, 2009 9:40 AM To: Chris Marlatt Cc: John Curran; nanog@nanog.org Subject: Re: Hijacked Blocks On Mon, Sep 14, 2009 at 11:58 AM, Chris Marlatt <cmarlatt@rxsec.com> wrote:
Christopher Morrow wrote:
The end of the discussion was along the lines of: "Yes, we know this guy is bad news, but he always comes to us with the proper paperwork and numbers, there's nothing in the current policy set to deny him address resources. Happily though he never pays his bill after the first 12 months so we just reclaim whatever resources are allocated then." (yes, comments about more address space ending up on BL's were made, and that he probably doesn't pay because after the first 3 months the address space is 'worthless' to him...)
How should this get fixed? Is it possible to make policy to address this sort of problem?
-chris
If this is the case one could argue that ARIN should be reserving this "worthless" address space to be used when they receive similar requests in the future. There's no reason personX should get fresh, clean address space when they make additional requests.
That implies some process changes inside ARIN (I think) and effectively saving 'your old space' for some period of time in escrow for you. This doesn't sound unreasonable, perhaps you put forth some policy verbiage on ppml? -chris