Re: DoD IP Space

[Randy Bush <randy () psg com>]

> > anyone seeing roas in 11/8?  i am not.
> am not either, I would be curious to know if the RPKI discussion came up
> for the prefixes in the run up to turning up this new service.

what i hope is that they publish the results of their experiment.  a bit
more depth in discussion in ripe community.

---

From: Randy Bush <randy () psg com>
Subject: Re: [anti-abuse-wg] AS8003 and U.S. Department of Defense routing
To: Brian Nisbet <brian.nisbet () heanet ie>
Cc: Anti Abuse WG <anti-abuse-wg () ripe net>
Date: Tue, 27 Apr 2021 08:22:16 -0700

interesting wg to do routing security analysis.

as i do really not know the dod's or their proxy's motive(s), i can not
say much about their tactics let alone strategy.

i do know, and have actually seen and experienced, part of 11/8 being
used as if it was 1918 space; ripe bologna was the first time.  and the
food in that town was fantastic!

a /8 telescope would pick up leakage patterns as well as the current
shotgun blast of announcements (i presume folk have looked at the actual
announcements).  i would naïvely think that the /8 might be slightly
more easily analyzed than the pieces.

maybe, as the telescope analysis shows focused leaks, they are trying to
disrupt those focused uses with these focused announcements.

but, if an op is using 11.12.666.0/23 internally, would they be careless
enough to accept an exogenous announcement of that space?  i guess i
should not underestimate carelessness.

is some random (small, i hope) isp using my address space internally as
1918 equivalent abusive, beyond their customers maybe not be able to
reach my network?  if so, maybe the vigilantes are looking in the wrong
direction.

randy

---
randy () psg com
`gpg --locate-external-keys --auto-key-locate wkd randy () psg com`
signatures are back, thanks to dmarc header butchery