RE: Abuse procedures... Reality Checks

["Frank Bulk" <frnkblk () iname com>]

That's been my entire point.  Network operators who properly SWIP don't get
credit for going through the legwork by other networks that apply
quasi-arbitrary bit masks to their blocks.  

As I said before, if you're going to block a /24, why not do it right and
block *all* the IPs in their ASN?  My DSL and cable modem subscribers are
spread across a dozen non-contiguous /24s.  If the bothered network is upset
with one of my cable modem subs and blocks just one /24 they will open
themselves up when that CPE obtains a new IP in a different /24.  

Frank

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Pete
Templin
Sent: Monday, April 09, 2007 3:42 PM
To: Chris Owen
Cc: nanog () merit edu
Subject: Re: Abuse procedures... Reality Checks


Chris Owen wrote:
> Well, "well managed" to me would mean that allocations from that /20 
> were SWIPed or a rwhois server was running so that if any of those 4,000 
> IP addresses does something bad you don't get caught in the middle.

Due diligence with SWIP/rwhois only means that one customer is well 
documented apart from another.  As this thread has highlighted, some 
people filter/block based on random variables: the covering /24, the 
covering aggregate announcement, and/or arbitrary bit lengths.  If a 
particular server is within the scope of what someone decides to 
filter/block, it gets filtered or blocked.  Good SWIPs/rwhois entries 
don't mean jack to those admins.

pt