nanog mailing list archives

Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours

From: Colin Johnston <colinj () gt86car org uk>
Date: Mon, 20 Jul 2015 20:50:21 +0100

new idea to free up network ranges for arin and ripe
give a class c to china firewall, then put all the existing china ranges back in allocation pool and reallocate to new 
customers.
anounce these new ranges with a higher pref than china ranges and then watch china start to cooperate at the nic level 
and abuse level

colin

Sent from my iPhone

On 20 Jul 2015, at 20:40, ML <ml () kenweb org> wrote:

On 7/20/2015 2:57 PM, Valdis.Kletnieks () vt edu wrote:
On Mon, 20 Jul 2015 19:42:39 +0100, Colin Johnston said:

see below for china ranges I believe, ipv4 and ipv6

You may believe... but are you *sure*?  (Over the years, we've seen
*lots* of "block China" lists that accidentally block chunks allocated
to Taiwan or Australia or other Pacific Rim destinations).


If you really wanted to go the route of blocking all/almost all China.  Isn't there a short list of ASNs that provide 
transit to China citizens/networks?
I'm referring to AS4134, AS4837, etc
Wouldn't blackholing any prefix with those ASNs in the AS path accomplish the goal and stay up to date with a new 
prefixes originated from China?

Current thread:

Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours, (continued)
- - - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Pavel Odintsov (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Justin M. Streiner (Jul 22)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Stephen Satchell (Jul 23)
    - RE: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Nicholas Warren (Jul 23)
    - RE: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Justin M. Streiner (Jul 23)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Ca By (Jul 23)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Valdis . Kletnieks (Jul 23)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Mike Hammett (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Christopher Morrow (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours ML (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Colin Johnston (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Valdis . Kletnieks (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours James Milko (Jul 20)
- Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Ca By (Jul 20)
  - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours John Weekes (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Ca By (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours John (Jul 20)
  - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Curtis Maurand (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Jared Mauch (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Rafael Possamai (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Pavel Odintsov (Jul 21)

(Thread continues...)