Re: more-specifics in class B space?
On Wed, 22 March 2000, Joe Provo - Network Architect wrote:
It also appears that there are parties who received address delegations within classical B space and are parceling chunks out, without any delegation or registration. Without that administrativia, and no clear customer-vendor relationship in an AS path, how does this behavior look any different to address hijacking?
This was the primary reason why I didn't listen to more specifics than normal ARIN CIDR delegations. I was willing to punch a hole for anyone who could come up with a good story, but almost all the announcements were mistakes or hijacks. Someone unknown person would announce a /17 out of a university's address block, and black hole half of the university. This is a severe, but silent, problem in today's Internet. These hijackings have resulted in worse DoS attacks than the Yahoo! floods in February, but because so few NOCs know what to look for, most people just think its the flacky Internet. Yes, I'm aware of AS 702. It still doesn't make it right. My question is why can't you announce an aggregate matching the allocated address block? If you have no common AS path, no common administrative authority, no common provider, why are you using the same network block? In every case I've come across so far, the correct answer is either get seperate blocks or announce an aggregate at your border or your upstream's border. This is the usual answer in the case of a state university with several campuses. They may have more specifics within their network and their upstreams, but the upstream announces a common aggregate for the entire state network. Or if they are truely independent institutions they should get independent address blocks from one of the address registries on an appropriate boundary. This is a different issue than getting the registries to allocate small CIDR blocks.
participants (1)
-
Sean Donelan