Looks like PSInet is demonstrating their complete and total lack of clue again.
Who has less of a clue? A provider that announces a 1.1.1.0/24, or a provider that listens to junk like 1.1.1.0/24? It doesn't matter what junk is announced, *IF* you could get providers not to listen to it. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
On Wed, May 13, 1998 at 05:07:38PM -0500, Sean Donelan put this into my mailbox:
Looks like PSInet is demonstrating their complete and total lack of clue again.
Who has less of a clue? A provider that announces a 1.1.1.0/24, or a provider that listens to junk like 1.1.1.0/24?
It doesn't matter what junk is announced, *IF* you could get providers not to listen to it.
This would get into the discussion about authenticating BGP again, but what happens if IANA and ARIN get all cozy (no, I don't want to think about it) and ARIN decides to allocate some /18's out of 1/8? How do the folks filtering this network (because it's a reserved number) know that it's gone from being reserved to active use? Maybe i'm just nitpicking, but with the so-called 'IP shortage', it would make some amount of sense that some of these reserved blocks will be opened up more and more. I don't like the idea of screwing over some poor new guy's connectivity just because engineering folks have better things to do than do 'whois's on their filters every week. Or is there some historical/technical reason that I'm not aware of for not listening to 1/8? -dalvenjah -- Dalvenjah FoxFire (aka Sven Nielsen) I'd like mornings better if they Founder, the DALnet IRC Network started later. e-mail: dalvenjah@dal.net WWW: http://www.dal.net/~dalvenjah/ whois: SN90 Try DALnet! http://www.dal.net/
On Wed, 13 May 1998, Dalvenjah FoxFire wrote:
This would get into the discussion about authenticating BGP again, but what happens if IANA and ARIN get all cozy
They already are all cozy, i.e. ARIN allocates address blocks delegated to it by IANA and if you want to appeal an ARIN decision, the appeal goes to IANA. Chances are that Magaziner's white paper due out today will suggest formalizing that relationship.
(no, I don't want to think about it) and ARIN decides to allocate some /18's out of 1/8? How do the folks filtering this network (because it's a reserved number) know that it's gone from being reserved to active use?
One item that is currently before the ARIN Advisory Council is a suggestion that we publish a map of all currently allocated IP space and keep that map up to date. If we do this then I think it solves this problem if people keep verifying their filters against the map or if they generate their filters based on the map.
Maybe i'm just nitpicking, but with the so-called 'IP shortage', it would make some amount of sense that some of these reserved blocks will be opened up more and more. I don't like the idea of screwing over some poor new guy's connectivity just because engineering folks have better things to do than do 'whois's on their filters every week.
Rather than whining about the "powers that be" and pointing out how the system is broken, why not propose a solution that these so-called "powers" could implement to solve the problem. IANA and ARIN and RIPE and APNIC are composed of some very ordinary yet clueful Internet folks that are capable of recognizing a good idea when it is explained to them. The ARIN AC is having a face-to-face day of meetings at the end of June followed by a Board of Trustees meeting the following day. If there is stuff that we can fix or we can do better, tell us all about it soon so we can get it on the agenda for that meeting. -- Michael Dillon - Internet & ISP Consulting Memra Communications Inc. - E-mail: michael@memra.com http://www.memra.com - *check out the new name & new website*
At 01:50 5/14/98 -0700, you wrote:
Rather than whining about the "powers that be" and pointing out how the system is broken, why not propose a solution that these so-called "powers" could implement to solve the problem. IANA and ARIN and RIPE and APNIC are composed of some very ordinary yet clueful Internet folks that are capable of recognizing a good idea when it is explained to them.
OK, Good Idea People...here's one. The ARIN WhoIs database contains many false entries, as does InterNIC's. The proposal made to InterNIC (which was ignored in so many words) was that when we users notice a bogus entry, we notify the registrar who contacts the registration owner for a correction or, if it's a blatant falsification, deletes the entry. This is a reasonably painfree way to properly administer a database relied upon by the entire world and just happens to comply with several RFCs. As an example of one I reported last week to ARIN (who suggested I contact my ISP for the info I'm after...how clueless): Lifenet Imarketing Group, Inc. (NETBLK-SPRINT-D01D98) 3090 Pullman Street, suite B Costa Mesa, CA 92626 US Netname: SPRINT-D01D98 Netblock: 208.29.152.0 - 208.29.152.255 Coordinator: Warmington, Drew (DW5183-ARIN) nomailbox@NOWHERE 7149661345 (FAX) 714-263-9260 Kindly note that the email address doesn't even have a TLD. Hard to consider it valid, what? As a side note, why not modify your software so that things like this are rejected? It shouldn't be all that hard to make sure that the email address at least has the required components. Spam(tm) is pressed meat. Spammers should be too. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
In message <3.0.5.32.19980514130721.008d8e30@norfolk.infi.net>, Dean Robb write s:
At 01:50 5/14/98 -0700, you wrote:
Rather than whining about the "powers that be" and pointing out how the system is broken, why not propose a solution that these so-called "powers" could implement to solve the problem. IANA and ARIN and RIPE and APNIC are composed of some very ordinary yet clueful Internet folks that are capable of recognizing a good idea when it is explained to them.
OK, Good Idea People...here's one.
The ARIN WhoIs database contains many false entries, as does InterNIC's. The proposal made to InterNIC (which was ignored in so many words) was that when we users notice a bogus entry, we notify the registrar who contacts the registration owner for a correction or, if it's a blatant falsification, deletes the entry. Warmington, Drew (DW5183-ARIN) nomailbox@NOWHERE 7149661345 (FAX) 714-263-9260 ... Kindly note that the email address doesn't even have a TLD. Hard to consider it valid, what?
As a side note, why not modify your software so that things like this are rejected? It shouldn't be all that hard to make sure that the email address at least has the required components.
I think it would be a reasonable proposal for ARIN to modify its SWIP process to do a dnslookup for the email domain to very it as valid. Possibly even a SMTP VRFY or EXPN command. However there are some companies that feel that their customer data is confidential, and refuse to reveal it. (Also if they use rwhois fixing swip won't solve the problem completely.) Right now, I haven't seen any input from ARIN members indicating this is somethign desire. I don't see raising the issue to the advisory council unless the ARIN membership desires this. (If your not an ARIN member then your opinion may not have any weight with the AC.) I think its a reasonable idea, but I'm not inclined to go against the wishes of the membership. --- Jeremy Porter, Freeside Communications, Inc. jerry@fc.net PO BOX 80315 Austin, Tx 78708 | 512-458-9810 http://www.fc.net
On Thu, 14 May 1998, Jeremy Porter wrote:
is somethign desire. I don't see raising the issue to the advisory council unless the ARIN membership desires this. (If your not an ARIN member then your opinion may not have any weight with the AC.)
I'm willing to look at good ideas no matter where they come from.
I think its a reasonable idea, but I'm not inclined to go against the wishes of the membership.
I suspect that often the members don't know what they think on an issue unless they are asked. That's why I like to see these things discussed in relatively open forums because if someone suggests a really bad thing, then at least one member is likely to call up the AC and point out why it is a problem. But in the absence of member input the AC has to operate based on their understanding of the addressing infrastructure. That's why we look for knowledgable people for the AC regardless of whether they work for an ARIN member or not. -- Michael Dillon - Internet & ISP Consulting Memra Communications Inc. - E-mail: michael@memra.com http://www.memra.com - *check out the new name & new website*
At 17:14 5/14/98 -0500, you wrote:
Right now, I haven't seen any input from ARIN members indicating this is somethign desire. I don't see raising the issue to the advisory council unless the ARIN membership desires this. (If your not an ARIN member then your opinion may not have any weight with the AC.) I think its a reasonable idea, but I'm not inclined to go against the wishes of the membership.
I must say I find your attitude....appalling. 1. How can you say you're not inclined to "go against the wishes of the membership" if you don't even ask the membership what their wishes are? I'd lay odds that no one has even thought about the issue, let alone decide if it's a weighty matter. 2. You explicitly say that unless I'm a member, my opinion may carry no weight with the AC. Does that mean that I can't have a good idea unless I first pony up $1000? How positively absurd and insulting...to the other members. Mr. Dillon said "IANA and ARIN and RIPE and APNIC are composed of some very ordinary yet clueful Internet folks that are capable of recognizing a good idea when it is explained to them.". He did NOT add the codicil that people must have paid One Thousand Dollars for the privilege of presenting an idea to these clueful folks. I sincerely hope and trust that others don't think that only the elite few can have an idea. 3. It's too late, anyway. I'm NOT a member but have made the suggestion. Hopefully, some forward-thinking, intellegent members may see this and think it worthy of discussion. 4. Of course, you can ignore the issue and let the ARIN database deteriorate to the state that InterNIC's WhoIs is in. Shall we take a poll on how many people are happy with IT? Far better to deal with a problem while it's small and keep it from becoming large. 5. I sincerely hope other members take you to task for your attitude. If all members have your mindset, I wouldn't join even if I DID had a spare grand sitting around. Spam(tm) is pressed meat. Spammers should be too. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
Any rational request or comment that any stakeholder (meaning user, network operator, etc) would like to present I will entertain and be more than happy to listen to. My duty as an AC member is to the public. -- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV | NEW! Corporate ISDN Prices dropped by up to 50%! Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost On Thu, May 14, 1998 at 08:32:52PM -0400, Dean Robb wrote:
At 17:14 5/14/98 -0500, you wrote:
Right now, I haven't seen any input from ARIN members indicating this is somethign desire. I don't see raising the issue to the advisory council unless the ARIN membership desires this. (If your not an ARIN member then your opinion may not have any weight with the AC.) I think its a reasonable idea, but I'm not inclined to go against the wishes of the membership.
I must say I find your attitude....appalling.
1. How can you say you're not inclined to "go against the wishes of the membership" if you don't even ask the membership what their wishes are? I'd lay odds that no one has even thought about the issue, let alone decide if it's a weighty matter.
2. You explicitly say that unless I'm a member, my opinion may carry no weight with the AC. Does that mean that I can't have a good idea unless I first pony up $1000? How positively absurd and insulting...to the other members.
Mr. Dillon said "IANA and ARIN and RIPE and APNIC are composed of some very ordinary yet clueful Internet folks that are capable of recognizing a good idea when it is explained to them.". He did NOT add the codicil that people must have paid One Thousand Dollars for the privilege of presenting an idea to these clueful folks. I sincerely hope and trust that others don't think that only the elite few can have an idea.
3. It's too late, anyway. I'm NOT a member but have made the suggestion. Hopefully, some forward-thinking, intellegent members may see this and think it worthy of discussion.
4. Of course, you can ignore the issue and let the ARIN database deteriorate to the state that InterNIC's WhoIs is in. Shall we take a poll on how many people are happy with IT? Far better to deal with a problem while it's small and keep it from becoming large.
5. I sincerely hope other members take you to task for your attitude. If all members have your mindset, I wouldn't join even if I DID had a spare grand sitting around.
Spam(tm) is pressed meat. Spammers should be too.
Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
At 17:14 5/14/98 -0500, Jeremy Porter wrote:
I think it would be a reasonable proposal for ARIN to modify its SWIP process to do a dnslookup for the email domain to very it as valid. Possibly even a SMTP VRFY or EXPN command.
However there are some companies that feel that their customer data is confidential, and refuse to reveal it. (Also if they use rwhois fixing swip won't solve the problem completely.)
How about a simple script checking the template for little things like numbers in the the phone number fields, or TLDs attached to email addresses? As for the confidentiality matter: there's a problem...a little thing called the RFCs. Specifically, RFCs 1032, 1033, 920, 1173, 1174 (and several others) require contact information that is "complete, correct and current". The information provided in a registry information is no more than what the Supreme Court has ruled is public data and as such not entitled to special protections. Furthermore, I direct your attention to RFC 1355 which deals specifically with database accuracy and privacy issues, notably: " 4. NIC Database Accuracy The value of any NIC database is dependent on the accuracy and timeliness of its contents. Any database not being maintained well can create major difficulties for those using it and for those people and organizations listed. For each publically accessible database that a NIC operates, the NIC should have a clear statement that describes the process that the NIC uses to maintain accuracy in the database. This statement could be combined with the privacy statement described above for sake of administrative convenience." In short, by permissively allowing "some ISPs" to avoid providing valid contact data you are not only defeating the purpose of the WhoIs database (may as well toss it!), but you are allowing these ISPs to flout the RFCs that govern the Internet's operation. The Internet is a cooperative endeavor, if certain entities choose not to cooperate then why should the rest of the Internet allow them connectivity? If one can pick and choose which RFCs (including STDs) to follow then where will the line be drawn? If you're not going to keep the data in the database valid, why have a database in the first place? Spam(tm) is pressed meat. Spammers should be too. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
Thus spake Dean Robb
I think it would be a reasonable proposal for ARIN to modify its SWIP process to do a dnslookup for the email domain to very it as valid. Possibly even a SMTP VRFY or EXPN command. [...] As for the confidentiality matter: there's a problem...a little thing called the RFCs. Specifically, RFCs 1032, 1033, 920, 1173, 1174 (and several others) require contact information that is "complete, correct and
I think he was referring to organizations that don't reveal the user data (or reveal bogus data) in response to a SMTP VRFY or EXPN command, not the data in the whois record. -- D'Arcy J.M. Cain <darcy@{druid|vex}.net> | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 424 2871 (DoD#0082) (eNTP) | what's for dinner.
At 21:52 5/14/98 -0400, you wrote:
Thus spake Dean Robb
I think it would be a reasonable proposal for ARIN to modify its SWIP process to do a dnslookup for the email domain to very it as valid. Possibly even a SMTP VRFY or EXPN command. [...] As for the confidentiality matter: there's a problem...a little thing called the RFCs. Specifically, RFCs 1032, 1033, 920, 1173, 1174 (and several others) require contact information that is "complete, correct and
I think he was referring to organizations that don't reveal the user data (or reveal bogus data) in response to a SMTP VRFY or EXPN command, not the data in the whois record.
I know what he meant :). The fact remains, though, that those ISPs are in violation of several RFCs. The way the system is designed, if you want to have a domain, you're required to provide certain public information. Even InterNIC's Registration Agreement requires you to attest that the information is true and correct...which of course means that all those false registrants are guilty of perjury. Not that InterNIC will enforce their contract except for the payment provisions. Spam(tm) is pressed meat. Spammers should be too. Dean Robb PC-Easy On-site computer services (757) 495-EASY [3279]
On Thu, 14 May 1998, Jeremy Porter wrote <snip>
I think it would be a reasonable proposal for ARIN to modify its SWIP process to do a dnslookup for the email domain to very it as valid. Possibly even a SMTP VRFY or EXPN command.
<snippity> Correct me if I'm wrong but more than likley the false contact info was done on a Modify not on a New reg. -- I am nothing if not net-Q! - ras@poppa.clubrich.tiac.net
So what are you saying here Sean? We don't have a clue? 3/4 of the Internet service providers must not have a clue then. I don't belive I have ever read anywhere that 1/8 or anything smaller wasn't a valid route. Maybe you would like to show what you have in your BGP tables for 12/8? How about 9/8? How about 24/8? How about 32/8? How about 44/8? Do you want me to go on?? T..S On Wed, 13 May 1998, Sean Donelan wrote:
Looks like PSInet is demonstrating their complete and total lack of clue again.
Who has less of a clue? A provider that announces a 1.1.1.0/24, or a provider that listens to junk like 1.1.1.0/24?
It doesn't matter what junk is announced, *IF* you could get providers not to listen to it. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
I have yet to see a mandate that stated that we must filter any prefix longer than /19. If you choose to filter at /19 that is your choice. We choose to have connectivity that isn't hampered to someone who actually has a classfull C somewhere on the net. As for filtering 1.1.1.1/24 or the entire block because it is reserved for that matter, who is to say that with the address space thinning out that the IANA won't start allocating it? Some poor provider is going to be route filtered on a totally legitimate block if we use your reasoning. Filtering announcements from your downstreams for blocks that they are not allocated on the other hand IS not only legitimate but something that I would consider a moral responsibility of every provider. If they are not multi-homed, why listen to ANYTHING that comes from them? Static route them and you have no worries. So, in answer to your question, it is the provider who makes the bogus announcement for whatever reason they made it and not the providers who listen to it who has less of a clue.
Looks like PSInet is demonstrating their complete and total lack of clue again.
Who has less of a clue? A provider that announces a 1.1.1.0/24, or a provider that listens to junk like 1.1.1.0/24?
It doesn't matter what junk is announced, *IF* you could get providers not to listen to it. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
------- John Fraizer (tvo) | __ _ The System Administrator | / / (_)__ __ ____ __ | The choice mailto:tvo@EnterZone.Net | / /__/ / _ \/ // /\ \/ / | of a GNU http://www.EnterZone.Net/ | /____/_/_//_/\_,_/ /_/\_\ | Generation A 486 is a terrible thing to waste...
participants (10)
-
Dalvenjah FoxFire
-
darcy@druid.net
-
Dean Robb
-
Jeremy Porter
-
Karl Denninger
-
Michael Dillon
-
Rich Sena
-
Sean Donelan
-
Todd R. Stroup
-
tvo