Inter-provider communications (Re: nobody @home)
On Sat, 20 January 2001, Dan Hollis wrote:
> You're lucky. I've noticed an increasing trend that the NOC phone numbers listed on corporate web pages come back as disconnected/RNA, and the emails bounce "no such user". Real cute, especially when you're being ddos'd.
> whois data is even worse. I suspect upwards of 25% of whois contact data is worthless.
This is not new, or even an increasing trend. I used to contact between 80 and 100 different NOCs every six months. I would call every NOC contact phone number, and ask them to confirm it was the correct phone number. It's amazing how many NOCs didn't know their own number. And when I told them what number I had dialed, didn't know that number was connected to their NOC. The phone number churn was a consistent 30%, even with contact information exchanged in accordance with written peer agreements.

Every six months it would take me almost a week to reach 90 or so NOCs, and get the current contact information. In the case of a couple of NOCs, in three years I was never able to reach anyone at the NOC willing to confirm the information. I used to post the results of my "drill" on NANOG.

IOPS set up a contact list for its members, and for a while was doing monthly drills. But since IOPS keeps it a secret, I don't know how successful they've been.

About two years ago, I proposed to all major providers we set up a set of permanent, private communication links between all the NOCs. The "phone number" would be your ASN(s). The system would be based on the same technology used by the NAWAS and NTA. Which lets you set up instant conferences. I can set up the system so those providers who want to talk in "private," have conferences as small as two parties or as large as everyone on the network, while monitoring multiple circuits at the same time.

10 providers thought it was a good idea, but the two largest providers never responded to any inquiries. I can bring the idea out of mothballs again, if folks are interested.
On 20 Jan 2001, Sean Donelan wrote:
> 10 providers thought it was a good idea, but the two largest providers never responded to any inquiries.
It's infuriating that the xenophobia and paranoia of the tier1s is such a roadblock to keeping networks running smoothly. Try to contact them when one of their colos is flooding the net with attacks and the usual response is something along the lines of a hermit crab retreating into its shell.

The only thing harder than getting a tier1 to turn off their smurf amps is getting the US military to turn off their smurf amps. Public tax dollars being used to ddos the private sector. Mmmmmm gives you such a warm fuzzy feeling...

It'd be nice to start a standard facility for noc communication. Even better if active membership would become important enough to be a major factor for circuit purchasing... Sigh, one can dream...

-Dan
On Sat, 20 Jan 2001, Dan Hollis wrote:
> On 20 Jan 2001, Sean Donelan wrote:
>> 10 providers thought it was a good idea, but the two largest providers never responded to any inquiries.
> It's infuriating that the xenophobia and paranoia of the tier1s is such a roadblock to keeping networks running smoothly.
It is, but this issue keeps getting hashed and rehashed here, and absolutely nothing ever happens about it. Without buy-in from "people that matter" all of these endless discussions are simply more grist for the mill.
Sean Donelan wrote:
> I can bring the idea out of mothballs again, if folks are interested.
I'd love to have access to the info. The question becomes how widely you want to distribute the list. At one end of the spectrum is a list shared only by Tier-1's and perhaps the admins at the largest of the smaller ISPs and NSPs. At the other end is Jared Mauch's publicly-accessible list.

Another thought - I don't advocate lots of government involvement in the Internet arena, but perhaps it's time that our Congresscritters demanded that these big companies talk to each other. Those big guys want us to think that Internet transit is as reliable as dialtone.[0] It won't be as long as they continue to make it difficult to stop attacks...

--
Steve Sobol, BOFH, President 888.480.4NET 866.DSL.EXPRESS 216.619.2NET
North Shore Technologies Corporation http://NorthShoreTechnologies.net
JustTheNet/JustTheNet EXPRESS DSL (ISP Services) http://JustThe.net
mailto:sjsobol@NorthShoreTechnologies.net
Proud resident of Cleveland, Ohio
On Sun, 21 Jan 2001, Steve Sobol wrote:
> Sean Donelan wrote:
>> I can bring the idea out of mothballs again, if folks are interested.
> I'd love to have access to the info. The question becomes how widely you want to distribute the list. At one end of the spectrum is a list shared only by Tier-1's and perhaps the admins at the largest of the smaller ISPs and NSPs. At the other end is Jared Mauch's publicly-accessible list.
> Another thought - I don't advocate lots of government involvement in the Internet arena, but perhaps it's time that our Congresscritters demanded that these big companies talk to each other. Those big guys want us to think that Internet transit is as reliable as dialtone.[0] It won't be as long as they continue to make it difficult to stop attacks...
It gets even worse when said providers are sometimes recalcitrant or outright refuse to help even their paying customers to mitigate and/or trace attacks.

One large provider of hosting services who shall remain nameless in the hopes they will become more helpful through private discussion recently told one of my clients that placing RFC-1918 filters within their borders (the client was being DDOS'd in part from machines within that provider's network) was "against policy" and they wouldn't do it. I shudder to think what they tell non-customers (if they even talk to them at all.)
participants (4)
- Dan Hollis
- Patrick Greenwell
- Sean Donelan
- Steve Sobol