I don't think ARIN can help the situation. ISPs just need to remove the access lists from each router in the network and centralize them.
I totally agree with you. However, as always, with centralized systems, while they ease management and scalability, everything becomes a trust issue and a single point of failure or source of problems...
Yeah, who would you trust to maintain a centralized database of IP address ranges?
Maybe, this could be a subscription based type of service, something like RADB, where everyone subscribes into a central filtering list that is managed by a separate organization?
Yup, you're right. This should be done by a 3rd party organization, not an ISP. I wonder whether there are any 3rd party organizations trusted by ISPs that have experience in maintaining a database of IP address ranges? ARIN, perhaps?
I really like Rob's bogon route-server setup.
That's probably because you are a router geek. I have nothing against Rob's setup but I know that the vast majority of geeks know nothing about route-servers and have no incentive to learn about them. But they all know what LDAP is, some of them already run LDAP servers and the rest probably plan to learn more about LDAP some day. We could leverage that widespread knowledge of LDAP by publishing route data (or any other data regarding attributes of IP address ranges) using the IETF standard LDAPv3 protocol. In fact, I know that Rob is considering setting up an LDAP server as an alternative way to offer bogon data. I think this is a great idea as a testbed, i.e. offer the data through many protocols and see which is most popular. However, I think that when it does become popular, it needs to be integrated with ARIN's authoritative database of IP address delegations.
-- Michael Dillon