Lightly used IP addresses
At the risk of getting called out for posting possibly operationally significant stuff in the middle of a massive retrospective about WCOM's acquisitions, here's a circleid post from a couple days ago from John Curran at ARIN. http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres... Discuss. :-) Sent at 55 MPH or slower from my iPhone
http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres... Discuss. :-)
I don't entirely understand the process. Here's the flow chart as far as I've figured it out: 1. A sells a /20 of IPv4 space to B for, say, $5,000 2. A tells ARIN to transfer the chunk to B 3. ARIN says no, B hasn't shown that they need it 4. A and B say screw it, and B announces the space anyway 5. ??? R's, John
On Fri, Aug 13, 2010 at 12:36 PM, John Levine <johnl@iecc.com> wrote:
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
Alternate #4: A "rents" the space to B without ARIN knowing it, while A continues to claim that the space belongs to them. -- Brandon Galbraith Voice: 630.492.0464
On Aug 13, 2010, at 10:36 AM, John Levine wrote:
http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres... Discuss. :-)
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
R's, John
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
On Fri, Aug 13, 2010 at 10:44:12AM -0700, Owen DeLong said:
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom. >
How does this step (8) work, this 'reclaiming'? /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
9. I could point out so many cases of "justification abuse" or outright fraudulent justification and I bet nothing would actually transpire. My two cents. Jeff On Fri, Aug 13, 2010 at 10:14 PM, Owen DeLong <owen@delong.com> wrote:
On Aug 13, 2010, at 10:36 AM, John Levine wrote:
http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres... Discuss. :-)
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
R's, John
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
-- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications of The IRC Company, Inc. Follow us on Twitter at http://twitter.com/ddosprotection to find out about news, promotions, and (gasp!) system outages which are updated in real time. Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 - 21 to find out how to "protect your booty."
Jeff, Go for it. I've always wondered what ARIN had between it's legs. Andrew On 8/13/2010 1:53 PM, Jeffrey Lyon wrote: > 9. I could point out so many cases of "justification abuse" or > outright fraudulent justification and I bet nothing would actually > transpire. > > My two cents. > > Jeff > > > On Fri, Aug 13, 2010 at 10:14 PM, Owen DeLong<owen@delong.com> wrote: >> On Aug 13, 2010, at 10:36 AM, John Levine wrote: >> >>>> http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addresses/ >>>> Discuss. :-) >>> I don't entirely understand the process. Here's the flow chart as far >>> as I've figured it out: >>> >>> 1. A sells a /20 of IPv4 space to B for, say, $5,000 >>> >>> 2. A tells ARIN to transfer the chunk to B >>> >>> 3. ARIN says no, B hasn't shown that they need it >>> >>> 4. A and B say screw it, and B announces the space anyway >>> >>> 5. ??? >>> >>> R's, >>> John >> 6. ARIN receives a fraud/abuse complaint that A's space is being used by B. >> 7. ARIN discovers that A is no longer using the space in accordance with their RSA >> 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom. >> >> >> > >
If you know of actual fraud or abuse, please report it to ARIN. ARIN does investigate and attempt to resolve those issues. Owen On Aug 13, 2010, at 10:58 AM, Andrew Kirch wrote: > Jeff, > > Go for it. I've always wondered what ARIN had between it's legs. > > Andrew > > On 8/13/2010 1:53 PM, Jeffrey Lyon wrote: >> 9. I could point out so many cases of "justification abuse" or >> outright fraudulent justification and I bet nothing would actually >> transpire. >> >> My two cents. >> >> Jeff >> >> >> On Fri, Aug 13, 2010 at 10:14 PM, Owen DeLong<owen@delong.com> wrote: >>> On Aug 13, 2010, at 10:36 AM, John Levine wrote: >>> >>>>> http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addresses/ >>>>> Discuss. :-) >>>> I don't entirely understand the process. Here's the flow chart as far >>>> as I've figured it out: >>>> >>>> 1. A sells a /20 of IPv4 space to B for, say, $5,000 >>>> >>>> 2. A tells ARIN to transfer the chunk to B >>>> >>>> 3. ARIN says no, B hasn't shown that they need it >>>> >>>> 4. A and B say screw it, and B announces the space anyway >>>> >>>> 5. ??? >>>> >>>> R's, >>>> John >>> 6. ARIN receives a fraud/abuse complaint that A's space is being used by B. >>> 7. ARIN discovers that A is no longer using the space in accordance with their RSA >>> 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom. >>> >>> >>> >> >> >
On Fri, Aug 13, 2010 at 10:23:56PM +0430, Jeffrey Lyon wrote:
9. I could point out so many cases of "justification abuse" or outright fraudulent justification and I bet nothing would actually transpire.
My two cents.
Jeff
if you have data on abuse, please use the ARIN abuse reporting tools. https://www.arin.net/abuse.html --bill
On Fri, Aug 13, 2010 at 12:44 PM, Owen DeLong <owen@delong.com> wrote:
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
So is there a fine line between "selling"/"renting" the space to B and providing 1Mbit of bandwidth over a GRE tunnel to B and allowing them to announce the space via any other transit provider? I'm just curious what the difference is (besides a bit of technical work with the latter). It will be interesting to see what happens as the last of the IPv4 space is exhausted. -- Brandon Galbraith Voice: 630.492.0464
On Fri, Aug 13, 2010 at 10:44:12AM -0700, Owen DeLong wrote:
On Aug 13, 2010, at 10:36 AM, John Levine wrote:
http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres... Discuss. :-)
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
R's, John
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
could you provide 4 numbers for me please? ) % of ARIN managed resource covered by standard RSA? ) % of ARIN managed legacy resource covered by legacy RSA? ) % of ARIN managed legacy resource not otherwise covered? ) % of ARIN region entities (A & B above) that have offices/relationships with other RIRs that have a divergent transfer process in place? I think your analysis might be true for my first bucket, am less sure it would work for the remaining three. --bill
how does ARIN or whomever deal with similar situations where someone is advertising un-allocated, un-assigned by ARIN IP space in NA? do they have a deal/agreement with the 'backbone' providers? -g
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
I've tried to deal with that a few times - mainly by writing up the first upstream AS. Usually they don't care (and every time I have noticed someone blatantly stealing space, it's been spammers). Good filtering at the transit provider border IMNSHO is the best way to solve this problem. Leslie On 8/13/10 10:59 AM, Greg Whynott wrote:
how does ARIN or whomever deal with similar situations where someone is advertising un-allocated, un-assigned by ARIN IP space in NA? do they have a deal/agreement with the 'backbone' providers?
-g
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
I've tried to deal with that a few times - mainly by writing up the first upstream AS. Usually they don't care (and every time I have noticed someone blatantly stealing space, it's been spammers).
Has there ever been a case where ARIN has tried to take a block back from a party to whom they had allocated it and doesn't want to give it back? My impression is that stolen space is all swamp or legacy or abandoned, but I really don't know. In case it's not obvious, I'm not advocating that people thumb their noses at ARIN, but I don't see any obvious way to avoid my scenario. R's, John
On 13/08/10 21:04 -0000, John Levine wrote:
I've tried to deal with that a few times - mainly by writing up the first upstream AS. Usually they don't care (and every time I have noticed someone blatantly stealing space, it's been spammers).
Has there ever been a case where ARIN has tried to take a block back from a party to whom they had allocated it and doesn't want to give it back? My impression is that stolen space is all swamp or legacy or abandoned, but I really don't know.
In case it's not obvious, I'm not advocating that people thumb their noses at ARIN, but I don't see any obvious way to avoid my scenario.
Make a public example of the situation. Assign such a block to an ARIN member with extensive legal resources who's willing to send some nasty letters out, and back it up with court action to establish legal precedence. Or ARIN could do so itself on the grounds of breach of contract. Of course, said block should clearly fall within ARIN's domain, backed up with a signed contract from the original party. -- Dan White
On Aug 13, 2010, at 5:18 PM, Dan White wrote:
On 13/08/10 21:04 -0000, John Levine wrote:
I've tried to deal with that a few times - mainly by writing up the first upstream AS. Usually they don't care (and every time I have noticed someone blatantly stealing space, it's been spammers).
Has there ever been a case where ARIN has tried to take a block back from a party to whom they had allocated it and doesn't want to give it back? My impression is that stolen space is all swamp or legacy or abandoned, but I really don't know.
In case it's not obvious, I'm not advocating that people thumb their noses at ARIN, but I don't see any obvious way to avoid my scenario.
Make a public example of the situation. Assign such a block to an ARIN member with extensive legal resources who's willing to send some nasty letters out, and back it up with court action to establish legal precedence.
Or ARIN could do so itself on the grounds of breach of contract.
Of course, said block should clearly fall within ARIN's domain, backed up with a signed contract from the original party.
Yes, we have returns, revocations, and reclamations occurring routinely. They're covered in the same Toronto Registration services report that I referenced earlier on page 5. <https://www.arin.net/participate/meetings/reports/ARIN_XXV/PDF/Wednesday/Nobile_RSD.pdf> /John John Curran President and CEO ARIN
On Fri, Aug 13, 2010 at 04:18:01PM -0500, Dan White said:
Make a public example of the situation. Assign such a block to an ARIN member with extensive legal resources who's willing to send some nasty letters out, and back it up with court action to establish legal precedence.
Or ARIN could do so itself on the grounds of breach of contract.
Of course, said block should clearly fall within ARIN's domain, backed up with a signed contract from the original party.
Many of these outfits already have cashflow issue - suing them into the ground when they're already underwater is probably a cash-losing situation for ARIN. And I bet other orgs who are in good financial standing dont want to fund a suit against a judgement-proof org and lose money pushing lawyers around just for fun - not until IPs are worth $10+/IP/month at least, anyway. Then the lawsuits might be worth the investment. Pretty awesome: I see a new industry forming: IP REPO MEN. (Dont know if we can cast Emilio Estevez in th movie version, he's a bit too old now...) /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
On Aug 13, 2010, at 10:36 AM, John Levine wrote:
http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres ses/
Discuss. :-)
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
R's, John
Owen Said: 6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom. You know I love you Owen. :) 9. A sues ARIN for tortuous contract interference. 10. B sues ARIN for same. 11. C and D join the law suit. 12. Judges step in. 13. ARIN gets mired in lawsuit after lawsuit 14. Dogs and cats start living together
On 8/13/10 2:06 PM, Aaron Wendel wrote:
You know I love you Owen. :)
9. A sues ARIN for tortuous contract interference. 10. B sues ARIN for same. 11. C and D join the law suit. 12. Judges step in. 13. ARIN gets mired in lawsuit after lawsuit 14. Dogs and cats start living together
Can we just cross the streams now, before the walls start bleeding? Jeff
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
9. A and B ignore ARIN's email and continue to announce what they've been announcing. 10. ARIN attempts to allocate the /20 to someone else, who is not amused. Note that at this point ARIN presumably has no more v4 space left, so a threat never to allocate more space to A or B isn't very scary. Given its limited practical leverage, ARIN is only effective insofar as its members and customers agree that playing by ARIN's rules is more beneficial than ignoring them. R's, John
On Fri, Aug 13, 2010 at 02:15:51PM -0400, John R. Levine said:
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
9. A and B ignore ARIN's email and continue to announce what they've been announcing.
10. ARIN attempts to allocate the /20 to someone else, who is not amused.
Note that at this point ARIN presumably has no more v4 space left, so a threat never to allocate more space to A or B isn't very scary. Given its limited practical leverage, ARIN is only effective insofar as its members and customers agree that playing by ARIN's rules is more beneficial than ignoring them.
Right, and Im answering my own question here, for (8) about the reclaiming - what upstream is going to stop carrying prefixes from a downstream that's 'illegally' announcing them? Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating? From what I gather, all that ARIN can do is remove the NS records for the i-a.a reverse zone for the offending block, making SMTP a little trickier from the block, but not much else. Unless I didnt see the other large sticks ARIN's carrying? I've never seen them send hired goons to anyone's door... yet? /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating?
Isn't this a little bit like an SSL daemon? One which refuses to process a revocation list on the basis of the function of the certificate is useless. The revocation list only has authority if the agent asks for and processes it. Would you use this SSL daemon, knowing that it had this bug? I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit. Best Regards, Nathan Eisenberg Atlas Networks, LLC
On Aug 13, 2010, at 2:49 PM, Nathan Eisenberg wrote:
Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating?
Isn't this a little bit like an SSL daemon? One which refuses to process a revocation list on the basis of the function of the certificate is useless. The revocation list only has authority if the agent asks for and processes it. Would you use this SSL daemon, knowing that it had this bug?
It seems to me that most people trust certificates even if there is no certificate authority at all, revocations or no. So if "you" means "the market," I would say the answer is yes. Regards Marshall
I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit.
Best Regards, Nathan Eisenberg Atlas Networks, LLC
On Fri, 2010-08-13 at 18:49 +0000, Nathan Eisenberg wrote:
Isn't this a little bit like an SSL daemon?
no.
One which refuses to process a revocation list on the basis of the function of the certificate is useless.
no, it's not. ssl as a form of identity assurance itself is what is useless.
The revocation list only has authority if the agent asks for and processes it.
most don't do this, because: - most SSL daemons don't serve the revocation lists; - most SSL agents don't know how to download the revocation lists from another source. see previous note about SSL being worthless for identity assurance.
Would you use this SSL daemon, knowing that it had this bug?
i wouldn't care - see above points.
I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit.
how do you know if the ARIN revocation is proper? with the IPv4 exhaustion becoming very close to happening now, it is possible that ARIN could "go rogue." following a corporation (yes, ARIN is a corporation) as if you were a sheep will empower them to do precisely this in the future. william
I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit.
easy to say, but the reality is you may chose not to do so due to logistical, monetary or management/boss reasons which trumps your constitutionally balanced nature. If someone who was downstream from this provider in a similar situation, I'd say there is a stronger propensity for them to not 'do the right thing'. which by the way isn't a law, so who says its right? its a set of guide lines a group of folks put together. -g
If someone who was downstream from this provider in a similar situation, I'd say there is a stronger propensity for them to not 'do the right thing'. which by the way isn't a law, so who says its right? its a set of guide lines a group of folks put together.
But the reality is that you asserted your intention to follow those guidelines when you requested the allocation, did you not? If an upstream accepts announcements from a revoked block, what is to stop them from accepting announcements for an unallocated block? I realize this precariously borders on committing a slippery slope fallacy, but I think it's a valid question to ask - a provider is either 'in compliance' with the guidelines, or 'not in compliance' with them. Once you're 'not in compliance' a little bit, how can I have a valid trust relationship with you about the rest of it?
see previous note about SSL being worthless for identity assurance.
Fair enough - serves me right for invoking analogy.
following a corporation (yes, ARIN is a corporation) as if you were a sheep will empower them to do precisely this in the future.
There's no sheepism here. The proposed situation represents a valid reason for revoking address space under the community developed guidelines. I don't see the problem with following those guidelines, do you?
How many large carriers on this list would immediately halt announcing a downstream-in-good-financial-standing's prefixes just because ARIN say's they're delinquent?
That depends. I vote with my wallet. How many carriers want my business, and the business of other customers who (reasonably) expect compliance with the standing policies? Do you want to do business with someone who's willing to break the rules everyone else is playing by? Best Regards, Nathan Eisenberg Atlas Networks, LLC
On Fri, Aug 13, 2010 at 07:25:56PM +0000, Nathan Eisenberg said:
But the reality is that you asserted your intention to follow those guidelines when you requested the allocation, did you not?
If an upstream accepts announcements from a revoked block, what is to stop them from accepting announcements for an unallocated block? I realize this precariously borders on committing a slippery slope fallacy, but I think it's a valid question to ask - a provider is either 'in compliance' with the guidelines, or 'not in compliance' with them. Once you're 'not in compliance' a little bit, how can I have a valid trust relationship with you about the rest of it?
There's a difference - once the upstream is hooked on the revenue stream they're not going to want to interfere with it. They might pass along some threats from ARIN and/or levy their own, but I doubt they'd seriously make good on it and cut their own hand off and lose the revenue. That's for a deallocated block that was in good standing originally - this assumes the contract for transit with the upstream included someone there ensuring that the block was properly/legally allocated, and WHOIS/RADB/Swip/yadda and everything else was properly notated and setup. Going from good standing with a revenue stream for some months/years to bad is different from accepting a bogon customer at the very start of the arrangement. Lots of things would not lineup with a minimum of due dilligence, and I suspect that most providers with any ethical slant will refuse to provide service (scenario screams 'SPAMMER!' for one). That's alot different from shutting off a revenue stream that was working well (sans spam) for a year or more prior.
following a corporation (yes, ARIN is a corporation) as if you were a sheep will empower them to do precisely this in the future.
There's no sheepism here. The proposed situation represents a valid reason for revoking address space under the community developed guidelines. I don't see the problem with following those guidelines, do you?
The reality is that following the guidelines is psychologically difficult in harder times as we're experiencing now. Without any real repercussions for the upstream for NOT cutting off the customer, balanced against the existing revenue stream from the delinquent (assuming they're not delinquent with their transit provider as well), it's not a hard calculation. I dont see much 'community' fallout occurring either, or we'd see it on this list. A few transit providers have very poor reputations in the community (y'all know who they are), and personally I won't purchase from them, but certainly none of them have garnered this reputation by not cutting off ARIN delinquents. It's just not publically available data - I dont think ARIN publishes this as I said, and if they did I suspect it'd be a pretty busy-yet-boring mailing list (with alot of screaming and name calling if it was open to public posting :).
How many large carriers on this list would immediately halt announcing a downstream-in-good-financial-standing's prefixes just because ARIN say's they're delinquent?
That depends. I vote with my wallet. How many carriers want my business, and the business of other customers who (reasonably) expect compliance with the standing policies? Do you want to do business with someone who's willing to break the rules everyone else is playing by?
IS everyone else playing by them? We dont really have data as I mentioned, or I don't at least, so if anyone can provide stats (ARIN? some bulk numbers without naming any names?) that'd be helpful in shaping this dicussion by identifying how large the issue really is. Number of requests to upstreams to halt announcements, and a mean and stddev on days-til-compliance for that action (or how many delinquents were succesfully scared into paying ARIN by an upstream's sternly worded warning would also be interesting). Unfortunately such stats would also be good hard data for gamblers to model the risk/reward profile on continuing to not pay. :) Shades of freakonomics game theory here...
Best Regards, Nathan Eisenberg Atlas Networks, LLC
/kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
I know of several large providers that would stop routing such "rogue" space. Any provider that isn't prepared to deal with such a possible customer threat or problem you don't want to be associating with. They likely harbor other badness as well. It may take some time to catch up to them but we have seen more of these rogue elements end up with people refusing to sell to them or law enforcement taking some action. If your management does not realize they are buying from possible criminals, you get what you pay for. I've found a number of cases where providers are actually doing mitm and stealing SIP credentials for fraud. Make sure you actually have good controls and communication for when things hit the fan.... Jared Mauch On Aug 13, 2010, at 3:00 PM, Greg Whynott <Greg.Whynott@oicr.on.ca> wrote:
I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit.
easy to say, but the reality is you may chose not to do so due to logistical, monetary or management/boss reasons which trumps your constitutionally balanced nature.
If someone who was downstream from this provider in a similar situation, I'd say there is a stronger propensity for them to not 'do the right thing'. which by the way isn't a law, so who says its right? its a set of guide lines a group of folks put together.
-g
On Fri, Aug 13, 2010 at 05:00:04PM -0400, Jared Mauch said:
I know of several large providers that would stop routing such "rogue" space.
Any provider that isn't prepared to deal with such a possible customer
Really? They'd take a seriously delinquent (and we're only talking about non payment after several months to Arin, not spammers or other 'criminal' elements) that's still paying for their transit and cut off their prefix announcements? I dont know that that's true for most outfits in these tough times. Nixing a $5000 or $10000+ MRC revenue stream probably requires some hard thought at high levels in most outfits. threat or problem you don't want to be associating with. They likely harbor other badness as well. Possibly, but this isnt that much of a gateway drug. I know lots of companies in a financial crunch right now, and if losing the i-a.a reverse is the only effect of being late on a payment 'til the sun starts shining again' when their own customers start making good on old invoices, then I think many others would choose to delay paying ARIN instead. When things get tough, payables are readily triaged into high and low priority. Perhaps NOC peeps on this list arent exposed to such decisions made in other departments - we run a small operation here so we're all part of such things. Some harsh realities in business sometimes! In many cases I suspect ARIN ends up as low priority, without any criminal mindset in operation putting them there - some of these operators might even be altruistically thinking of their employees too - we know how fast service goes stale in a multi-day outtage - losing connectivity may mean employees are soon not paid and literally go hungry. So most outfits will pay their upstreams before ARIN - and they can keep their revenue streams going and pay their employees - and in the long run, one day maybe pay ARIN too. Who disagrees? Go from that example to paying for power/colo, phone, etc and tell me where ARIN is on your triage list during a cashflow event.
It may take some time to catch up to them but we have seen more of these rogue elements end up with people refusing to sell to them or law enforcement taking some action.
I know of a few such entities that are semi-chronically late in paying ARIN, but they still havent taken on spammers or Chinese intelligence operations/cyberwar plaforms as customers yet, despite your broken broken window/gateway drug analogy. It aint all black and white, there's lots of gray out there, and organizations that are forced into unfortunate circumstance through current economics, possibly mismanagement and cluelessness too, but without any malice at work.
If your management does not realize they are buying from possible criminals, you get what you pay for.
If the criminals all wore t shirts that said they're part of the club that'd be easy. When a company is having a cashflow issues, I'd say they're just in a very big club. If they manage to pay me, I dont ask any questions about the ethics of their triaging of other payables.
I've found a number of cases where providers are actually doing mitm and stealing SIP credentials for fraud. Make sure you actually have good controls and communication for when things hit the fan....
Examples of shitty fans, and controls? just want a better idea of what you're referring to. /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
Sounds like your place is where the spammers should camp out.... Here I know we have eaten costs of term liability and cancelled contracts more than the dollar figures you have mentioned below to keep the net clean. Sad that it appears you may not be willing to put the money where your mouth is. If anyone sees us (2914) routing space of this sort and does not get a favorable response let me know in private. I will personally follow up on any issues. I may not be able to respond due to customer privacy issues but surely we need to be aware of badness so we can clean it up. Hope you are in the same position to clean up and terminate people that pose the risk to the Internet. Jared Mauch On Aug 13, 2010, at 5:25 PM, Ken Chase <ken@sizone.org> wrote:
On Fri, Aug 13, 2010 at 05:00:04PM -0400, Jared Mauch said:
I know of several large providers that would stop routing such "rogue" space.
Really? They'd take a seriously delinquent (and we're only talking about non payment after several months to Arin, not spammers or other 'criminal' elements) that's still paying for their transit and cut off their prefix announcements? I dont know that that's true for most outfits in these tough times. Nixing a $5000 or $10000+ MRC revenue stream probably requires some hard thought at high levels in most outfits.
Any provider that isn't prepared to deal with such a possible customer threat or problem you don't want to be associating with. They likely harbor other badness as well.
Possibly, but this isnt that much of a gateway drug. I know lots of companies in a financial crunch right now, and if losing the i-a.a reverse is the only effect of being late on a payment 'til the sun starts shining again' when their own customers start making good on old invoices, then I think many others would choose to delay paying ARIN instead.
When things get tough, payables are readily triaged into high and low priority. Perhaps NOC peeps on this list arent exposed to such decisions made in other departments - we run a small operation here so we're all part of such things. Some harsh realities in business sometimes!
In many cases I suspect ARIN ends up as low priority, without any criminal mindset in operation putting them there - some of these operators might even be altruistically thinking of their employees too - we know how fast service goes stale in a multi-day outtage - losing connectivity may mean employees are soon not paid and literally go hungry. So most outfits will pay their upstreams before ARIN - and they can keep their revenue streams going and pay their employees - and in the long run, one day maybe pay ARIN too. Who disagrees? Go from that example to paying for power/colo, phone, etc and tell me where ARIN is on your triage list during a cashflow event.
It may take some time to catch up to them but we have seen more of these rogue elements end up with people refusing to sell to them or law enforcement taking some action.
I know of a few such entities that are semi-chronically late in paying ARIN, but they still havent taken on spammers or Chinese intelligence operations/cyberwar plaforms as customers yet, despite your broken broken window/gateway drug analogy. It aint all black and white, there's lots of gray out there, and organizations that are forced into unfortunate circumstance through current economics, possibly mismanagement and cluelessness too, but without any malice at work.
If your management does not realize they are buying from possible criminals, you get what you pay for.
If the criminals all wore t shirts that said they're part of the club that'd be easy. When a company is having a cashflow issues, I'd say they're just in a very big club. If they manage to pay me, I dont ask any questions about the ethics of their triaging of other payables.
I've found a number of cases where providers are actually doing mitm and stealing SIP credentials for fraud. Make sure you actually have good controls and communication for when things hit the fan....
Examples of shitty fans, and controls? just want a better idea of what you're referring to.
/kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
Here I know we have eaten costs of term liability and cancelled contracts more than the dollar figures you have mentioned below to keep the net clean. Sad that it appears you may not be willing to put the money where your mouth is.
how noble of you. and how perceptive to equate legitimate address space use with criminality. i am deeply heartened that there a big kids like you to save the rest of us from evil. randy
On Fri, Aug 13, 2010 at 15:25, Ken Chase <ken@sizone.org> wrote:
On Fri, Aug 13, 2010 at 05:00:04PM -0400, Jared Mauch said: >I know of several large providers that would stop routing such "rogue" space.
Really? They'd take a seriously delinquent (and we're only talking about non payment after several months to Arin, not spammers or other 'criminal' elements) that's still paying for their transit and cut off their prefix announcements? I dont know that that's true for most outfits in these tough times. Nixing a $5000 or $10000+ MRC revenue stream probably requires some hard thought at high levels in most outfits.
First, in this thread we are not talking about folks who have not paid ARIN their dues, we are talking about folks who "sell" addresses despite not being authorized to do so by ARIN - aka abuse/fraud. Either way, if ARIN finds strong enough reason to revoke numbers from Org A who is ISP X' customer, ARIN will eventually reassign those numbers. When ISP Y calls ISP X and says "hey, your customer Org A is advertising my customer Org B's address space." ISP X will check WHOIS, see that they are telling the truth and filter that block from Org A. If ISP X does not, they will likely see peering and transit options shrink rapidly. So in short - yes, really. ~Chris
/kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
-- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.coisoc.org
First, in this thread we are not talking about folks who have not paid ARIN their dues, we are talking about folks who "sell" addresses despite not being authorized to do so by ARIN - aka abuse/fraud.
this is less clear-cut than you seem to think it is. but i suspect we will see it in court fairly soon. randy
On Sat, 14 Aug 2010 17:03:59 MDT, Chris Grundemann said:
First, in this thread we are not talking about folks who have not paid ARIN their dues, we are talking about folks who "sell" addresses despite not being authorized to do so by ARIN - aka abuse/fraud.
Psst.. Hey.. buddy. Over here... wanna score some gen-yoo-ine Rolex integers, cheap?
On 08/14/2010 21:24, Valdis.Kletnieks@vt.edu wrote:
On Sat, 14 Aug 2010 17:03:59 MDT, Chris Grundemann said:
First, in this thread we are not talking about folks who have not paid ARIN their dues, we are talking about folks who "sell" addresses despite not being authorized to do so by ARIN - aka abuse/fraud.
Psst.. Hey.. buddy. Over here... wanna score some gen-yoo-ine Rolex integers, cheap?
... only if they're prime. -- Improve the effectiveness of your Internet presence with a domain name makeover! http://SupersetSolutions.com/ Computers are useless. They can only give you answers. -- Pablo Picasso
I agree with you. the context around my statement is if the downstream believed or has some validity to a claim that they are being unjustly treated or over sighted by ARIN (or others). it wasn't about procuring blocks from a criminal, rather when ARIN says you are no longer entitled to the blocks they assigned the downstream customer, who believes they are. I'm not against ARIN, I think they have good intentions. I'd like to think so anyway. take care and have a great weekend, greg ________________________________________ From: Jared Mauch [jared@puck.nether.net] Sent: Friday, August 13, 2010 5:00 PM To: Greg Whynott Cc: Nathan Eisenberg; nanog@nanog.org Subject: Re: Lightly used IP addresses I know of several large providers that would stop routing such "rogue" space. Any provider that isn't prepared to deal with such a possible customer threat or problem you don't want to be associating with. They likely harbor other badness as well. It may take some time to catch up to them but we have seen more of these rogue elements end up with people refusing to sell to them or law enforcement taking some action. If your management does not realize they are buying from possible criminals, you get what you pay for. I've found a number of cases where providers are actually doing mitm and stealing SIP credentials for fraud. Make sure you actually have good controls and communication for when things hit the fan.... Jared Mauch On Aug 13, 2010, at 3:00 PM, Greg Whynott <Greg.Whynott@oicr.on.ca> wrote:
I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit.
easy to say, but the reality is you may chose not to do so due to logistical, monetary or management/boss reasons which trumps your constitutionally balanced nature.
If someone who was downstream from this provider in a similar situation, I'd say there is a stronger propensity for them to not 'do the right thing'. which by the way isn't a law, so who says its right? its a set of guide lines a group of folks put together.
-g
I'm not against ARIN, I think they have good intentions. I'd like to think so anyway.
Same here. I'm honestly surprised that there is as much dissention from this attitude as there seems to be...
Yes, we have returns, revocations, and reclamations occurring routinely. They're covered in the same Toronto Registration services report that I referenced earlier on page 5. <https://www.arin.net/participate/meetings/reports/ARIN_XXV/PDF/Wednesda y/Nobile_RSD.pdf>
John, thank you for the links. Interesting information there! Best Regards, Nathan Eisenberg Atlas Networks, LLC
Nathan, On Aug 13, 2010, at 2:51 PM, Nathan Eisenberg wrote:
I'm not against ARIN, I think they have good intentions. I'd like to think so anyway. Same here. I'm honestly surprised that there is as much dissention from this attitude as there seems to be...
I suspect the issue arises when ARIN (or anyone else for that matter) attempts to assert dominion over resources folks consider their own. That is, in the original scenario John Levine posed: "1. A sells a /20 of IPv4 space to B for, say, $5,000 2. A tells ARIN to transfer the chunk to B 3. ARIN says no, B hasn't shown that they need it 4. A and B say screw it, and B announces the space anyway" I believe the point of contention lies in step 3. In the case of the 38% of the address space described by John Curran as "managed" by ARIN with an (L)RSA, there is contractual language that dictates ARIN has some authority to "say no". In the remaining 62% of the space (according to ARIN), presumably space allocated without any form of RSA, the issue is, at least to my mind, far less clear. In the face of this lack of clarity, when you have folks saying things like: "6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom." without proviso about whether an (L)RSA is applicable, it isn't particularly surprising that folks who can imagine themselves as (or at least sympathize with) A or B getting their dander up. In addition, as/after the IPv4 free pool is exhausted, there are going to be lots of folks who discover they have more address space than they really need as there are going to be lots of folks who are desperately in need of additional IPv4 addresses. This will result in address markets. Some people (e.g., I'm guessing Vadim) do not see a role for ARIN as mediator of an exchange between these two sets of folks. Others believe that there needs to be some 'regulator' of the market or (e.g.) speculators will swoop in and buy up all the allocated-but-unused IPv4 address space, resulting in those in desperate need of IPv4 addresses paying through the nose. Given the arguments between free vs. regulated markets generates much heat in pretty much every other economic discussion, I'd be surprised if it didn't occur in address markets. Regards, -drc
On Fri, Aug 13, 2010 at 06:49:35PM +0000, Nathan Eisenberg said:
Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating?
Isn't this a little bit like an SSL daemon? One which refuses to process a revocation list on the basis of the function of the certificate is useless. The revocation list only has authority if the agent asks for and processes it. Would you use this SSL daemon, knowing that it had this bug?
I would consider a transit provider who subverted an ARIN revocation to be disreputable, and seek other sources of transit.
Assuming the public even found out about the situation. For ARIN to make good on this community goodwill, they'd have to (1) publish the disrepute of the upstream who refuses to stop announcing the rogue downstream's prefixes. Im not sure what step 2+ is going to be there, but I bet ARIN would become very unpopular with (1) above amongst its customers reselling bandwidth to other ARIN IPv4 block users. How many large carriers on this list would immediately halt announcing a downstream-in-good-financial-standing's prefixes just because ARIN say's they're delinquent? I bet most wont even answer this question to the list here - most likely dont have an official policy for this situation, and if they did, it's likely not going to be publically disclosed. (If any are willing to disclose such publically, I'd love to hear/see the policy's details.) /kc
Best Regards, Nathan Eisenberg Atlas Networks, LLC
-- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating?
Isn't this a little bit like an SSL daemon? One which refuses to process a revocation list on the basis of the function of the certificate is useless. The revocation list only has authority if the agent asks for and
A possible stick for ARIN could be that any AS that advertises space for B and any network that uses that rogue AS would not receive resource requests/changes from ARIN. Perhaps too strong of a stick? Frank -----Original Message----- From: Ken Chase [mailto:ken@sizone.org] Sent: Friday, August 13, 2010 2:13 PM To: nanog@nanog.org Subject: Re: Lightly used IP addresses On Fri, Aug 13, 2010 at 06:49:35PM +0000, Nathan Eisenberg said: processes it. Would you use this SSL daemon, knowing that it had this bug?
I would consider a transit provider who subverted an ARIN revocation to
be disreputable, and seek other sources of transit. Assuming the public even found out about the situation. For ARIN to make good on this community goodwill, they'd have to (1) publish the disrepute of the upstream who refuses to stop announcing the rogue downstream's prefixes. Im not sure what step 2+ is going to be there, but I bet ARIN would become very unpopular with (1) above amongst its customers reselling bandwidth to other ARIN IPv4 block users. How many large carriers on this list would immediately halt announcing a downstream-in-good-financial-standing's prefixes just because ARIN say's they're delinquent? I bet most wont even answer this question to the list here - most likely dont have an official policy for this situation, and if they did, it's likely not going to be publically disclosed. (If any are willing to disclose such publically, I'd love to hear/see the policy's details.) /kc
Best Regards, Nathan Eisenberg Atlas Networks, LLC
-- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
On Aug 13, 2010, at 2:31 PM, Ken Chase wrote:
... Right, and Im answering my own question here, for (8) about the reclaiming - what upstream is going to stop carrying prefixes from a downstream that's 'illegally' announcing them? Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating? From what I gather, all that ARIN can do is remove the NS records for the i-a.a reverse zone for the offending block, making SMTP a little trickier from the block, but not much else.
Unless I didnt see the other large sticks ARIN's carrying? I've never seen them send hired goons to anyone's door... yet?
Ken - ARIN maintains the WHOIS based on what the community develops for policies; what's happens in routing tables is entirely up to the ISP community. No "bleating" or "large sticks" here, just turning the policy crank and managing address space accordingly. ARIN pulls the address space, and then (after holddown) reissues it to another provider. WHOIS reflects this change, as does in-addr. Whether an ISP respect the information in WHOIS is likely to always be a "local decision"; ARIN's responsibility is to make sure that the information contained therein matches the community's policy not some hypothetical routing enforcement. There will be an ISP attempting to make use of that reassigned address space, and one could imagine that party being let down if the community says one thing in policy but does another when it comes to routing. /John John Curran President and CEO ARIN
On Fri, Aug 13, 2010 at 03:17:50PM -0400, John Curran said:
Ken -
ARIN maintains the WHOIS based on what the community develops for policies; what's happens in routing tables is entirely up to the ISP community. No "bleating" or "large sticks" here, just turning the policy crank and managing address space accordingly.
ARIN pulls the address space, and then (after holddown) reissues it to another provider. WHOIS reflects this change, as does in-addr. Whether an ISP respect the information in WHOIS is likely to always be a "local decision"; ARIN's responsibility is to make sure that the information contained therein matches the community's policy not some hypothetical routing enforcement.
There will be an ISP attempting to make use of that reassigned address space, and one could imagine that party being let down if the community says one thing in policy but does another when it comes to routing.
/John
John Curran President and CEO ARIN
Thanks John - I realise this. I was merely putting on the hat of those who may try to bend the policies to their advantage through delinquent activity. The common good is at stake here, and I'd rather that ARIN did have some collective 'stick' to effectively apply itself or via its members. I too don't want to deal with announcements for the same prefix from multiple warring AS's or other side effects of the IPv4 crunch. I'm indicating (the probably obvious) that these pressures will certainly increase over time, and as one other member pointed out, the sticks may become neccessary - and the community will have to become more 'constitutionally ethical' in their handling of delinquents on ARIN's/the commmunity's behalf. Not sure what incentives are in play to encourage this, as it will become necessary in a shorter time than we may think. Thanks for your reply and clarifications. /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
On Fri, 13 Aug 2010 15:24:45 EDT, Ken Chase said:
I'm indicating (the probably obvious) that these pressures will certainly increase over time, and as one other member pointed out, the sticks may become neccessary - and the community will have to become more 'constitutionally ethical' in their handling of delinquents on ARIN's/the commmunity's behalf.
How long did it take to cut Intercage off for *lots* worse things?
On Aug 13, 2010, at 11:31 AM, Ken Chase wrote:
On Fri, Aug 13, 2010 at 02:15:51PM -0400, John R. Levine said:
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000
2. A tells ARIN to transfer the chunk to B
3. ARIN says no, B hasn't shown that they need it
4. A and B say screw it, and B announces the space anyway
5. ???
6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom.
9. A and B ignore ARIN's email and continue to announce what they've been announcing.
10. ARIN attempts to allocate the /20 to someone else, who is not amused.
Note that at this point ARIN presumably has no more v4 space left, so a threat never to allocate more space to A or B isn't very scary. Given its limited practical leverage, ARIN is only effective insofar as its members and customers agree that playing by ARIN's rules is more beneficial than ignoring them.
Right, and Im answering my own question here, for (8) about the reclaiming - what upstream is going to stop carrying prefixes from a downstream that's 'illegally' announcing them? Is this upstream going to cut that customer off and lose the revenue, just to satisfy ARIN's bleating? From what I gather, all that ARIN can do is remove the NS records for the i-a.a reverse zone for the offending block, making SMTP a little trickier from the block, but not much else.
ARIN can do quite a bit more if the resources are under RSA. If they are legacy resources (which I don't believe there are such things as legacy /20s), then, it's a bit murkier, but, I wouldn't completely count ARIN out.
Unless I didnt see the other large sticks ARIN's carrying? I've never seen them send hired goons to anyone's door... yet?
Contract law anyone? Perhaps you should re-read your RSAs. Owen
On Aug 13, 2010, at 2:15 PM, John R. Levine wrote:
... 10. ARIN attempts to allocate the /20 to someone else, who is not amused.
Note that at this point ARIN presumably has no more v4 space left, so a threat never to allocate more space to A or B isn't very scary. Given its limited practical leverage, ARIN is only effective insofar as its members and customers agree that playing by ARIN's rules is more beneficial than ignoring them.
Thank you John for saying this... As noted, ARIN's just trying to administer the policies that the community has developed. This means that we will revoke the address space for cases of fraud, and will reissue to one of you to use. Now, if that's not the desired outcome, the policies are subject to change via the public policy process. As it is, folks need to expect that they may receive address space that was revoked as a result of such misuse, or change the policies to have ARIN do something else. /John John Curran President and CEO ARIN
On Fri, Aug 13, 2010 at 1:36 PM, John Levine <johnl@iecc.com> wrote:
http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres...
I don't entirely understand the process. Here's the flow chart as far as I've figured it out:
1. A sells a /20 of IPv4 space to B for, say, $5,000 2. A tells ARIN to transfer the chunk to B 3. ARIN says no, B hasn't shown that they need it 4. A and B say screw it, and B announces the space anyway
1. B applies for a block of IPv4 addresses from ARIN. 2. ARIN says: "You qualify for a /20. You have been added to the waiting list. You may also receive a transfer." 3. B finds A offering to sell a /20 on ebay or wherever. 4. A sells a /20 of IPv4 space to B for, say, $5,000 5. A tells ARIN to transfer the chunk to B 6. ARIN tells B: "A has authorized the transfer of x.y.z.0/20 to you. You previously qualified for a /20. Pay your registration fee at http://website to complete the transfer." 7. You pay. The /20 is transferred. It remains to be seen if / how well this works. But that's the basic plan. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
participants (27)
-
Aaron Wendel
-
Andrew Kirch
-
bmanning@vacation.karoshi.com
-
Brandon Galbraith
-
Chris Grundemann
-
Dan White
-
David Conrad
-
Doug Barton
-
Frank Bulk
-
Greg Whynott
-
Jared Mauch
-
JEff
-
Jeffrey Lyon
-
John Curran
-
John Levine
-
John R. Levine
-
Ken Chase
-
Leslie
-
Marshall Eubanks
-
Nathan Eisenberg
-
Owen DeLong
-
Randy Bush
-
Robert Seastrom
-
Seth Mattinen
-
Valdis.Kletnieks@vt.edu
-
William Herrin
-
William Pitcock