Short Disclaimer: I frequently use the PEERING testbed myself, so I'm
genuinely interested in where and why people draw the boundary of what's
fine and what's not.

Fine : Experimentation. 

Not fine : Experimentation with number or ASN resources that are not yours without prior permission. 

The operations and engineering staff at my company should not have to trace down why one of our ASNs is suddenly announcing space that is not ours , and that is coming from a network that isn't under our control.  


On Mon, May 2, 2022 at 2:07 PM Lars Prehn <lprehn@mpi-inf.mpg.de> wrote:
Short Disclaimer: I frequently use the PEERING testbed myself, so I'm
genuinely interested in where and why people draw the boundary of what's
fine and what's not.

Iirc., the route collectors see a (drastically varying) number of
poisoned routes (assuming everything within a loop is poisoning) in the
DFZ at any point in time, affecting a (drastically varying) number of
ASNs, prefixes, and paths. So why would you expect this experiment to be
noticeable at all---I mean, compared to the day-to-day, "1% of the
Internet is beyond broken and does Yolo things" noise? Very similar
experiments have run in the past (e.g., [1] in 2018); did you notice them?

Would poisoning be tolerated if the PEERING testbed would be, e.g., some
security-obsessed org that wants to avoid that your infrastructure
touches any of its precious packets during the forwarding process? I
guess what I want to figure out is: Is it the intention behind the
poisoning experiments that bothers people or is the act of poisoning
itself?

Kind regards,
Lars

[1] https://arxiv.org/pdf/1811.03716.pdf

On 02.05.22 16:33, Raymond Dijkxhoorn via NANOG wrote:
> Hi!
>
>> > If I am interpreting this correctly that you are just going to yolo a
>> > bunch of random ASNs to poison paths with, perhaps you should consider
>> > getting explicit permission for the ASNs you want to use instead.
>> >
>> > A lot of operators monitor the DFZ for prefixes with their ASN in the
>> > path, and wouldn't appreciate random support tickets because their NOC
>> > got some alert. :)
>
>> Exatly that. How about you ask people to OPT-IN instead of you wanting
>> people to OPT-OUT of whatever experiment you feel you need to do with
>> other people's resources.
>
>> When you the last time you asked the entire internet?s  permission to
>> announce routes ?
>
> I dont exactly understand what you try to say its not about the route
> its about the path.
>
> If the insert 'my ASN' i certainly will complain wherever i can and no
> i will not opt out from that. I will assume they just do use my ASN.
> Weird thought?
>
> Bye, Raymond