Re: Operational Issues with 69.0.0.0/8...
ARIN explicitly does not guarantee routability of prefixes it assigns. If service providers choose to filter ARIN allocations, then that is an operational decision. I really don't see what action you expect ARIN to
take along these lines.
Clearly you haven't been following the ppml mailing list. As I have already suggested on that list, ARIN could publish an authoritative directory of all unallocated IP address space at the largest aggregate level in a form that makes it easy for network operators to incorporate into their martian filters. Fast forward to the time when everyone gets their filters directly or indirectly hooked up to the RIR's authoritative directory and this problem goes away. Yes, ARIN cannot directly make the problem go away but ARIN definitely can take action that will lead to a solution of the problem of martian filters. The only thing ARIN would have to guarantee is that their directory is authoritative, complete and updated at least once every 24 hours. The base directory could be published in LDAP form with a BGP version for people who find it easier to work with this. And no, I'm not suggested that anyone connect their productions routers directly to an ARIN BGP feed. Smaller network operators will probably find such a direct BGP feed to be convenient but I expect all the larger network operators to use the BGP feed as a way of monitoring for changes which would be reviewed by some clueful operator before building the filters. That should not be a problem assuming that ARIN issues addresses every weekday. --Michael Dillon
--On Monday, December 9, 2002 9:52 +0000 Michael.Dillon@radianz.com wrote:
Clearly you haven't been following the ppml mailing list. As I have already suggested on that list, ARIN could publish an authoritative directory of all unallocated IP address space at the largest aggregate level in a form that makes it easy for network operators to incorporate into their martian filters.
I have been following it quite closely, actually. Why would ARIN specifically provide such a list? ARIN is not responsible for the unallocated space, and there is more in the world than just ARIN. There are liability issues with that, not to mention the fact that it is more an IANA function (if for the sake of argument someone would implement the list).
And no, I'm not suggested that anyone connect their productions routers directly to an ARIN BGP feed. Smaller network operators will probably find such a direct BGP feed to be convenient but I expect all the larger network operators to use the BGP feed as a way of monitoring for changes which would be reviewed by some clueful operator before building the filters. That should not be a problem assuming that ARIN issues addresses every weekday.
I guess monitoring NANOG or some other mailing list for announcements is somehow a lot more work. Oh well. Alec - Alec H. Peterson -- ahp@hilander.com Chief Technology Officer Catbird Networks, http://www.catbird.com
In a message written on Mon, Dec 09, 2002 at 07:29:58AM -0700, Alec H. Peterson wrote:
Why would ARIN specifically provide such a list? ARIN is not responsible for the unallocated space, and there is more in the world than just ARIN. There are liability issues with that, not to mention the fact that it is more an IANA function (if for the sake of argument someone would implement the list).
The problem here is that ARIN (and the other registries) are the ones who can contact the users. When these things change all ISP's need to be notified. As much as many people on this list think that every ISP in the world reads Nanog it just isn't so. Who has a list of ISP's? Well, depending on your view of things I think a good argument can be made that it's either the list of everyone with an ASN (my preference, since those are the people who's route filtering matters), or everyone with IPv4 space allocated to them. The only entity with either of those lists is the registries, ARIN, RIPE, APNIC and soforth. If the offical notice needs to come from IANA that's fine, but it needs to go out to the list of members of the registries. IMHO it is there job to make sure IANA has a way to send those sorts of messages. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
--On Monday, December 9, 2002 9:48 -0500 Leo Bicknell <bicknell@ufp.org> wrote:
The problem here is that ARIN (and the other registries) are the ones who can contact the users.
But Michael is not talking about the registries _contacting_ people with a message about changes in unallocated blocks, he's talking about one specific regional registry providing a list of all unallocated space (that still 'belongs' to IANA/ICANN). The registries already provide notification about new allocations they receive, though not to individual users. Alec -- Alec H. Peterson -- ahp@hilander.com Chief Technology Officer Catbird Networks, http://www.catbird.com
In a message written on Mon, Dec 09, 2002 at 07:58:29AM -0700, Alec H. Peterson wrote:
But Michael is not talking about the registries _contacting_ people with a message about changes in unallocated blocks, he's talking about one specific regional registry providing a list of all unallocated space (that still 'belongs' to IANA/ICANN).
Right. Suggest a way IANA could reasonably notify all the users. I personally don't see one. So, responsible or not, they have no good way to notify people. The registries have a way to notify people. I'm sure these two groups can work together. Maybe ARIN, APNIC, and RIPE can get IANA mail their user mailing lists. Maybe IANA authorizes one (or all) of them to publish a list. That's up to them to work out. Point is, end users don't deal with IANA. They deal with the registries and for those in North America (this is nanog, isn't it) ARIN is it. As the communities desigated represenative to interface with IANA, I feel it is ARIN's duty to collect and distribute information from IANA. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
--On Monday, December 9, 2002 10:04 -0500 Leo Bicknell <bicknell@ufp.org> wrote:
Point is, end users don't deal with IANA. They deal with the registries and for those in North America (this is nanog, isn't it) ARIN is it. As the communities desigated represenative to interface with IANA, I feel it is ARIN's duty to collect and distribute information from IANA.
That is a good point, but you are talking about a periodic notification when new blocks are allocated. Michael is talking about an automated feed of all unallocated blocks. If we were to invert this and say that ARIN will provide a list of all blocks that are allocated to it, then that might be worth doing. Then each RIR could provide its own list and we don't run into the issues of a registry listing objects that it does not control. However, I get back to my original question. For people who insist on filtering unallocated address space, is it too much to ask that they either subscribe to NANOG, or potentially subscribe to an RIR-specific announce-only mailing list for such things? It seems really silly to me for the registries to spew a mailing to their entire contact database just to reach a handful of people who actually do route filtering. It does seem to me that this problem should have a really simple solution. Alec -- Alec H. Peterson -- ahp@hilander.com Chief Technology Officer Catbird Networks, http://www.catbird.com
So here's a question for people. For those who filter, what about the real-time feed that people want from the RIRs is different from this: lynx -dump http://www.iana.org/assignments/ipv4-address-space | grep "IANA - Reserved" ? Alec -- Alec H. Peterson -- ahp@hilander.com Chief Technology Officer Catbird Networks, http://www.catbird.com
LB> Date: Mon, 9 Dec 2002 10:04:52 -0500 LB> From: Leo Bicknell LB> Right. Suggest a way IANA could reasonably notify all the LB> users. I personally don't see one. So, responsible or not, LB> they have no good way to notify people. The registries have LB> a way to notify people. Correct. Then the issue is whether or not people respond. I like Jeff Wheeler's post... people who don't update their filters lose GTLD (and root?) nameserver service. And, again, while we're at it -- let's let the NSen in question end in .0 and .255 to help rid the Net of broken "smurf filters". LB> Point is, end users don't deal with IANA. They deal with the LB> registries and for those in North America (this is nanog, LB> isn't it) ARIN is it. As the communities desigated LB> represenative to interface with IANA, I feel it is ARIN's LB> duty to collect and distribute information from IANA. Give Rob Thomas official authority, a paycheck, and the necessary bandwidth. ;-) Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist@brics.com> To: blacklist@brics.com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.
Hi, Eddy. ] Give Rob Thomas official authority, a paycheck, and the necessary ] bandwidth. ;-) Hehe! I'll second that! :) No one would support it, though, once they saw my lousy code. :) Thanks, Rob. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);
## On 2002-12-09 20:19 -0600 Rob Thomas typed: RT> RT> Hi, Eddy. RT> RT> ] Give Rob Thomas official authority, a paycheck, and the necessary RT> ] bandwidth. ;-) RT> RT> Hehe! I'll second that! :) No one would support it, though, once they RT> saw my lousy code. :) Hi Rob 1) I'd take your "lousy" >>>working<<< over "clean" bug riddled code any day ... (and who says that "closed source" code isn't built from lousy source anyway?) 2) Would you _really_ want official authority ? -- Regards Rafi
Hi, Rafi. ] 1) I'd take your "lousy" >>>working<<< over "clean" ... Thanks. :) ] 2) Would you _really_ want official authority ? No, not really. The way I look at it, I'm filling a niche until such time as the official authorities take on the task. That might be two days, or two decades. I'm willing and happy to do it until that day comes. Thanks, Rob. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);
Alec H. Peterson wrote:
--On Monday, December 9, 2002 9:48 -0500 Leo Bicknell <bicknell@ufp.org> wrote:
The problem here is that ARIN (and the other registries) are the ones who can contact the users.
But Michael is not talking about the registries _contacting_ people with a message about changes in unallocated blocks, he's talking about one specific regional registry providing a list of all unallocated space (that still 'belongs' to IANA/ICANN).
IANA already maintains a public list of assigned space, and thus by negation a list of unassigned space. Anyone who cares enough to update their filters has all the information they need to. While sending gratuitous messages to ASN/SWIP contacts is a nice idea, it's still gratuitous. S
participants (8)
-
Alec H. Peterson -
E.B. Dreger -
Leo Bicknell -
Michael.Dillon@radianz.com -
Rafi Sadowsky -
Rob Thomas -
Stephen Sprunk -
Valdis.Kletnieks@vt.edu