nanog mailing list archives
Re: de-peering for security sake
From: bzs () theworld com
Date: Mon, 18 Jan 2016 14:31:10 -0500
On January 18, 2016 at 00:21 Valdis.Kletnieks () vt edu (Valdis.Kletnieks () vt edu) wrote:
On Sun, 17 Jan 2016 19:39:52 -0500, bzs () theworld com said:How about if backed by an agreement with the 5 RIRs stating no new resource allocations or transfers etc unless a contract is signed and enforced? Or similar.Then they'd just resort to hijacking address space. Oh wait, they already do that and get away with it....
I think we're talking about two different problems, both valid. One is legitimate operators who probably mostly want to do the right thing but are negligent, disagree (perhaps with many one this list) on what is an actionable problem, etc. The other are those actors prone to criminality. I was addressing the first problem though I'd assert that progress on the first problem would likely yield progress on the second, or cooperation anyhow.
(And a threat of withholding IP address space from long-haul providers isn't as credible - they have much less need for publicly routed IP addresses than either eyeball farms or content farms, so you'll have to find some other way to motivate them to not accept a hijacked route announcement...)
No man is an island entire of himself -- John Donne. First one has to agree to the concept of creating a network based on contractual agreements. I gave some examples of how to encourage actors to enter into those contracts, my list wasn't intended to be exhaustive, it was intended to be an existence proof, some pressure points exist and are easy to understand even if not complete. Besides, why make the perfect the enemy of the good? If many, perhaps not all (or not at first), agreed to a common set of contractual obligations that would be progress, no? Is there even a document which describes what a "hijacked" net block is and why it is bad? Obvious? No, it is not obvious. The best one can say is there exist obvious cases. -- -Barry Shein Software Tool & Die | bzs () TheWorld com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*
Current thread:
- Re: de-peering for security sake, (continued)
- Re: de-peering for security sake Owen DeLong (Jan 16)
- Re: de-peering for security sake Valdis . Kletnieks (Jan 16)
- Re: de-peering for security sake bzs (Jan 17)
- Re: de-peering for security sake Dan Hollis (Jan 17)
- Re: de-peering for security sake Ca By (Jan 17)
- Re: de-peering for security sake bzs (Jan 17)
- Re: de-peering for security sake Doug Barton (Jan 17)
- Re: de-peering for security sake Dan Hollis (Jan 17)
- Re: de-peering for security sake bzs (Jan 17)
- Re: de-peering for security sake Valdis . Kletnieks (Jan 17)
- Re: de-peering for security sake bzs (Jan 18)
- Re: de-peering for security sake Michael O'Connor (Jan 19)
- Re: de-peering for security sake bzs (Jan 19)
- Re: de-peering for security sake Colin Johnston (Jan 20)
- Re: de-peering for security sake Valdis . Kletnieks (Jan 16)
- Re: de-peering for security sake Owen DeLong (Jan 16)