nanog mailing list archives
Voluntary cooperation (Re: Inter-provider communications )
From: Sean Donelan <sean () donelan com>
Date: 22 Jan 2001 00:50:50 -0800
On Sun, 21 January 2001, Steve Sobol wrote:
Another thought - I don't advocate lots of government involvement in the Internet arena, but perhaps it's time that our Congresscritters demanded that these big companies talk to each other. Those big guys want us to think that Internet transit is as reliable as dialtone.[0] It won't be as long as they continue to make it difficult to stop attacks...
Strangely, one of the reasons given why providers do not talk to each other is the government is *NOT* involved. Without a mandate from the government, some folks feel it would be improper for any of the providers to exchange information. If you look at the other utilities, the inter-provider communication occurs via either government mandated, or "voluntary cooperation" with government supervised systems. The former RBOCs and major IXCs communicate via a network established by the NTA and NCA. This was set up at the insistance of the US Military when AT&T was broken up, and was part of the consent decree. This usually connects to an entirely different part of a company than their Internet operations center. Frequently the "phone NOC" and the "internet NOC" are in different states, and don't share the information either. The electric companies communicate via a network established by NERC. This was set up after the Northeast blackout in 1965, and under intense government interest, the industry established a "voluntary" system. There are strict rules about segregating information needed for the operation of the grid, and so-called market information used by sales, brokers, and even management. There is also a communication network used by about a dozen major international carriers. I've never found much information about it, but it seems related to NATO. Or there is very strong overlap between NATO countries, and the national carriers on the network. The Consolidated Tape System, which reports the "official" prices for all the stock exchanges, is jointly owned by the exchanges and supervised by the SEC. Even in the Internet security area, it seems like the only long-lasting programs are those funded by the government. CERT/CC has been around over a decade, but still has trouble sharing information. Last week a group of companies announced yet another attempt, IT-ISAC as part of the Department of Commerce's critical infrastructure protection efforts. The FBI has a similar program called InfraGuard. Richard Clarke called it a "patriotic move" by the participating companies. Paying $5,000 and issuing a press release is the easy part. The hard part is if any of the companies will actually contribute hard data. However, there is another way. There is one information sharing network connecting every major NOC. If you want to reach them all, CNN is the way to do it. I think of it as a last resort, but a couple of large providers have shown on more than one occasion, it is the only communication channel that gets a response. I wish there was a better way, and I'm more than willing to work with anyone on alternatives which will have "buy in" from all the major providers. My goal is to solve the problem, not issue yet another happy days press release. But in the mean time, use the channels proven to work. I'm begging, please give me an alternative that works.
Current thread:
- Voluntary cooperation (Re: Inter-provider communications ) Sean Donelan (Feb 24)