Having a different number/email address on your AS than what's on your domain name might solve some of these problems- it might not. Being much more aggressive and outwardly unfriendly to people who call the number on your AS records becomes realistic if you have distinctly declared it for NOC communications only.
Please define "NOC communications only." Are Smurf reports considered NOC communications. How about Spam reports, spoofing addresses, or web pages being down? How about "I can't get through (i.e. I didn't want to wait) to your regular number so I called this one." Fact of the matter is every piece of contact information I have listed in ARIN's database or on a public web page has ended up on a junk mailing/calling list. The contact information which I only give out directly to other NOCs has NEVER been abused. Perhaps we should ask GTE Superpages, UUNET telemarketing, and Bull's Eye Target E-mail why do they use these particular set of contacts for their marketing efforts?
I disagree with your point that NOC-to-NOC communications should ever be forwarded to a general number, even with adequate training.
Is there a Turing test for contact information? There are organizations with extremely good communication operations which provide even better service than calling your favorite NOC engineer directly. Unfortunately they are rare, and as you pointed out, tend to only last as long as the next re-organization plan.
My point exactly - we all have proof that the current system doesn't work very well.
If it doesn't affect the share price, it seems like the management of most major ISPs could care less. This is, was, and always will be a management problem. We can come up with all the clever technical ideas to try to address reasons management gives for not doing something. But until some clever analysist decides this is an issue that can affect earnings, e.g. the Y2000 issue, not much is going to happen.
We already have a central authority that collects two perfectly good points of information about each AS in North America (supposedly.)
Yeah, right. Dear Sprint, Vab is gone. Since you have not updated your contact information in a prompt fashion, your AS numbers will be withdrawn at Midnight. Have a nice day. As far as most provider's are concerned there is no penalty for having out of date or bogus contact information. They view it as just one more added cost, and something that only benefits their competitors and not themselves. That is until they read about themselves on the front-page of the New York Times. Then the managers start yelling at the engineers "Why didn't you tell us it was a problem." Well, I think I've flogged this dead horse enough this time. Maybe we can have this discussion again in another six months. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
On Mon, 13 Jul 1998, Sean Donelan wrote:
The contact information which I only give out directly to other NOCs has NEVER been abused.
Here is the key to this problem. How can you publish contact information in such a way that it only goes to other NOCs. And conversely, how can you ensure that you have access to the contact information of all other NOCs. I suspect that there may be a way for the IP registries (ARIN, RIPE and APNIC) to facilitate this with some kind of replicated database in which change notifications only go out to entities listed in the database. That way every NOC could maintain their own complete copy of a global NOC contacts database and the only need for queries would be to process update notifications and do the occasional resync with the master copy.
Yeah, right.
Dear Sprint, Vab is gone. Since you have not updated your contact information in a prompt fashion, your AS numbers will be withdrawn at Midnight. Have a nice day.
This *WILL* be happening in the near future. Not maintaining up to date contact info is tantamount to aiding and abetting DoS attacks. It won't be long now before there is some government scrutiny of operational practices which are related to finding and fixing failures fast.
That is until they read about themselves on the front-page of the New York Times. Then the managers start yelling at the engineers "Why didn't you tell us it was a problem."
Smart engineers are proactive and warn their managers of the dangers of not following prudent operational practices.
Maybe we can have this discussion again in another six months.
Please do. I know that your regular rehashing of these issues has had a positive impact on a lot of providers. -- Michael Dillon - Internet & ISP Consulting Memra Communications Inc. - E-mail: michael@memra.com Check the website for my Internet World articles - http://www.memra.com
How about a major oversimplification of a fix. Closed mailing list. One primary contact for each company is designated and allowed to join the list. Every 2 weeks (maybe a month?) an email is autogenerated that must be ACK'd or that companies NOC entry is considered stale. The person on the mailing list is responsible for ensuring contact info is updated. Participants in the list would be able to send a request to the list for current info on another noc...not a web page. Something more along the line of: To: noc-list@whoever.com From: authorized@whoever1.com Subject: NOC: usweb.com The mailing list would respond with the most current NOC information -- and the info could be distributed so if one server was down, another server could be queried. Elimiates the spammer friendly 'whois'. Hey, maybe it could even provide a time-sensitive response :) The contact info that is provided is kept -confidential- between the participants of the list, though some leakage will happen. Maybe getting address space would have a requirement that the company have a participant. Now, any volunteers for housing the database? Maybe ARIN... BTW, I think the line printer idea rules :) Derek Elder US Web / Gray Peak Technologies Network Engineering 212-548-7468 Pager - 888-232-5028 delder@graypeak.com http://www.usweb.com A Strategic Partner for the Information Age. -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Michael Dillon Sent: Monday, July 13, 1998 5:17 PM To: nanog@merit.edu Subject: Re: NOC communications On Mon, 13 Jul 1998, Sean Donelan wrote:
The contact information which I only give out directly to other NOCs has NEVER been abused.
Here is the key to this problem. How can you publish contact information in such a way that it only goes to other NOCs. And conversely, how can you ensure that you have access to the contact information of all other NOCs. I suspect that there may be a way for the IP registries (ARIN, RIPE and APNIC) to facilitate this with some kind of replicated database in which change notifications only go out to entities listed in the database. That way every NOC could maintain their own complete copy of a global NOC contacts database and the only need for queries would be to process update notifications and do the occasional resync with the master copy.
Yeah, right.
Dear Sprint, Vab is gone. Since you have not updated your contact information in a prompt fashion, your AS numbers will be withdrawn at Midnight. Have a nice day.
This *WILL* be happening in the near future. Not maintaining up to date contact info is tantamount to aiding and abetting DoS attacks. It won't be long now before there is some government scrutiny of operational practices which are related to finding and fixing failures fast.
That is until they read about themselves on the front-page of the New York Times. Then the managers start yelling at the engineers "Why didn't you tell us it was a problem."
Smart engineers are proactive and warn their managers of the dangers of not following prudent operational practices.
Maybe we can have this discussion again in another six months.
Please do. I know that your regular rehashing of these issues has had a positive impact on a lot of providers. -- Michael Dillon - Internet & ISP Consulting Memra Communications Inc. - E-mail: michael@memra.com Check the website for my Internet World articles - http://www.memra.com
On Mon, Jul 13, 1998 at 02:17:18PM -0700, Michael Dillon wrote:
Yeah, right.
Dear Sprint, Vab is gone. Since you have not updated your contact information in a prompt fashion, your AS numbers will be withdrawn at Midnight. Have a nice day.
This *WILL* be happening in the near future. Not maintaining up to date contact info is tantamount to aiding and abetting DoS attacks. It won't be long now before there is some government scrutiny of operational practices which are related to finding and fixing failures fast.
I'd love to see some proof of this... -- Steven J. Sobol - Founding Member, Postmaster/Webmaster, ISP Liaison -- Forum for Responsible & Ethical E-mail (FREE) - Dedicated to education about, and prevention of, Unsolicited Broadcast E-mail (UBE), also known as SPAM. Info: http://www.ybecker.net
At 00:45 7/14/98 -0400, you wrote:
On Mon, Jul 13, 1998 at 02:17:18PM -0700, Michael Dillon wrote:
Yeah, right.
Dear Sprint, Vab is gone. Since you have not updated your contact information in a prompt fashion, your AS numbers will be withdrawn at Midnight. Have a nice day.
This *WILL* be happening in the near future. Not maintaining up to date contact info is tantamount to aiding and abetting DoS attacks. It won't be long now before there is some government scrutiny of operational practices which are related to finding and fixing failures fast.
I'd love to see some proof of this...
So would I, since I've been agitating for it since ARIN came into existance. I even posted a proposal here a couple of months back that met with some derision and lots of reasons why it can't happen (and one in which my opinion carried no weight since I didn't have a membership). Maybe if ARIN can do it, InterNIC can, too. Then again...if InterNIC continues in their current fashion, maybe it'll hurt them in the coming registration wars... Spammers: more disgusting than roaches. Dean Robb PC-EASY computer services (757) 495-EASY [3279]
PGP signature of NOC can help you?
The contact information which I only give out directly to other NOCs has NEVER been abused.
Here is the key to this problem. How can you publish contact information in such a way that it only goes to other NOCs. And conversely, how can you ensure that you have access to the contact information of all other NOCs. I suspect that there may be a way for the IP registries (ARIN, RIPE and APNIC) to facilitate this with some kind of replicated database in which change notifications only go out to entities listed in the database. That way every NOC could maintain their own complete copy of a global NOC contacts database and the only need for queries would be to process update notifications and do the occasional resync with the master copy.
Since you mentioned Sprint, I will say that we sent a request to ARIN to get Vab off our records over a month ago. They have promised me that this will be in effect tomorrow. Perhaps the new modification template Kim announced will help. One thing that would also be cool would be a way to search on a particular ARIN-handle to find out if someone who left your company is listed on any of your records. Unfortunately, with spammers using whois the way they do, this would probably be too easy to abuse. Sarah
We already have a central authority that collects two perfectly good points of information about each AS in North America (supposedly.)
Yeah, right.
Dear Sprint, Vab is gone. Since you have not updated your contact information in a prompt fashion, your AS numbers will be withdrawn at Midnight. Have a nice day.
As far as most provider's are concerned there is no penalty for having out of date or bogus contact information. They view it as just one more added cost, and something that only benefits their competitors and not themselves. That is until they read about themselves on the front-page of the New York Times. Then the managers start yelling at the engineers "Why didn't you tell us it was a problem."
Perhaps the new modification template Kim announced will help. One thing that would also be cool would be a way to search on a particular ARIN-handle to find out if someone who left your company is listed on any of your records. Unfortunately, with spammers using whois the way they do, this would probably be too easy to abuse. If ARIN used the RIPE database you could do something like whois -h whois.apnic.net -i admin-c,tech-c,zone-c MP151 Mark.
participants (8)
-
Alex P. Rudnev -
Dean Robb -
Derek Elder -
Mark Prior -
Michael Dillon -
Sarah Garfinkel -
Sean Donelan -
Steven J. Sobol