nanog mailing list archives
Re: net.terrorism
From: William Allen Simpson <wsimpson () greendragon com>
Date: Tue, 09 Jan 2001 08:07:48 -0500
Sabri Berisha wrote:
I am concerned. Concerned about people and companies who think they are in the position to be net.gods and for political reasons destroy the free character of the internet.
I've been involved for over 20 years, and don't remember this "free character". Perhaps there is a language translation problem? That also applies to the use of the word "terrorism"?
In the history of the internet, people have been trusting each other.
When? I remember the RFCs on policy based routing over a decade ago. Have you read them?
In my opinion, announcing a netblock using BGP4 is making a promise to carry traffic to a destination within that netblock. If you feel that parts of that network are against your ethics or AUP, you should not be announcing such a netblock.
Announcing a netblock doesn't promise that every address in that block exists or is reachable. A network that is blocked for AUP violations doesn't "exist", and usually returns the ICMP message "Unreachable -- Administratively Prohibited" specifically designed for such situations. Have you read "Router Requirements"?
Above.net is blocking a host in UUnet IP space. ...194.178.232.55/32. --> this tester is part of a /16 belonging to uunet, and sends traffic which is in violation of our AUG. we complained to uunet without any effect. if we have blocked access from this /32 to our backbone, we are within our rights.After this mail, we contacted Above.net again. They basically told us it was for our own protection because that traffic from that host does not comply to their AUP. We specifically told them we really don't mind them blackholing that host but *announcing* a route for it. So far no response.
Where did they announce a "host route"? I thought you said they announce a route to an netblock -- an entire /16? It seems from the email that they clearly stated that the traffic was in violation of the AUP. We all block specific sites that harm our networks. Otherwise, there would be no capacity left for our customers. It's the "policy" part, for which BGP was designed. Go read the design RFCs. If you are participating in tests with 194.178.232.55 (relaytest.orbs.vuurwerk.nl), then you need a private connection to that specific site, just as many academic sites test unstable network software. Expensive, but shouldn't be too bad considering that both of you are in the Netherlands.... WSimpson () UMich edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Current thread:
- Re: net.terrorism, (continued)
- Re: net.terrorism William Allen Simpson (Feb 24)
- Re: net.terrorism Leo Bicknell (Feb 24)
- Re: net.terrorism John Payne (Feb 24)
- Re: net.terrorism Sabri Berisha (Feb 24)
- Re: net.terrorism jlewis (Feb 24)
- Re: net.terrorism Sabri Berisha (Feb 24)
- Re: net.terrorism jlewis (Feb 24)
- Re: net.terrorism Valdis . Kletnieks (Feb 24)
- Re: net.terrorism Sabri Berisha (Feb 24)
- Re: net.terrorism Mark Mentovai (Feb 24)
- Re: net.terrorism Shawn McMahon (Feb 24)
- Re: net.terrorism Sabri Berisha (Feb 24)
- Re: net.terrorism Adrian Chadd (Feb 24)
- Re: net.terrorism Joshua Goodall (Feb 24)
- Re: net.terrorism Adrian Chadd (Feb 24)
- Communities for blackholes (was: re: net.terrorism) Joshua Goodall (Feb 24)