nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Do you have INOC-DBA set up? (was: Re: PCH.net questions and thoughts - Re: Prefix hijacking by AS20115)

From: Niels Bakker <niels=nanog () bakker net>
Date: Tue, 29 Sep 2015 17:44:32 +0200
* jra () baylink com (Jay Ashworth) [Tue 29 Sep 2015, 17:31 CEST]:

The idea of a private tieline network that is connected, by SIP, to a line
appearance in the NOC of each AS, and no one else is on it, seems like a
fine idea to me.


Until you take into account that SIP doesn't work through many
firewalls, that people generally don't give a second thought to
timezones, that network engineers generally dislike having to mess
with voice systems, etc. etc.

2 out of 3 INOC-DBA calls I ever received were silent on their end
(presumably) due to firewalls; the third call was a test.



And that was INOC-DBA's original goal, as I understand it:

You're having a problem?  It's coming from some specific AS?

Pick up the phone, mash the red INOC line button, dial the AS
number, and you're talking to their NOC.

And that's *authenticated*: since it's low enough churn to set up
by hand, it's authenticated by humans.


In other words, it wasn't secure, it wouldn't scale and churn killed it.



Show of hands: who has it set up, correctly, right now?


No.  There is nothing I'd do after receiving a phone call that I
wouldn't do via email anyway.


        -- Niels.
Previous By Date Next
Previous By Thread Next

Current thread: