AS Leakage

troy · April 4, 2001, 10:02pm

doubtful jon... they are just practicing that crazy voodoo called "SmartRouting"(tm).
doubtful that they wont have other paths to the Mighty UU. Wow, lookey here!
They have multiple paths!

John_Fraizer4 · April 4, 2001, 11:43pm

As someone mentioned previously this week, many of the folks are posting
from email addresses that give absolutely no hint at to their employment.

Had I known he was with Exodus, there would have been no question about
his having multiple paths into UU. Please forgive me for assuming. I
also assumed that 209 would not leak _65..._ into the global table.

snoble · April 5, 2001, 12:08am

Most of us are speaking as ourselves and not representing our
employers, so there's really no reason to post from our work email
address, or even discuss where we work. I myself can talk a lot more
freely about general things from here then I ever could from my
work account, without worry of repercussions because I was
"representing" my company publically in a bad way.

If you want to know who people are, just search for their
name on the NANOG or RIPE registration sheets for recent meetings,
that generally helps me some (although some people don't even put
the company they work for in there). Also, sometimes I just traceroute
the host they are posting from..

Darrin_Walton · April 5, 2001, 12:20am

+

>+ As someone mentioned previously this week, many of the folks are posting
>+ from email addresses that give absolutely no hint at to their employment.

I didn't know that we were required to post from our "work" email
address, or that we had to share with _you_ where we worked. A lot of us
don't feel like subscribing to _any_ mailing list with our work email, as
we already get enough mail there (I can't speak for you though).

Do you purpose that everyone now send a email to the list, stating
who they are, where they work at, and what they do? I think not.

  >+ Had I known he was with Exodus, there would have been no question about
  >+ his having multiple paths into UU. Please forgive me for assuming. I
  >+ also assumed that 209 would not leak _65..._ into the global table.

So, you were under the belief that a rather large service
provider, only had one connection to UUNet? How many paths do you,
yourself have into UU? Are they anything > DS3?

Josh_Richards · April 5, 2001, 1:20am

* Darrin Walton <darrinw@nixc.net> [20010404 17:13]:

  >+ Had I known he was with Exodus, there would have been no question about
  >+ his having multiple paths into UU. Please forgive me for assuming. I
  >+ also assumed that 209 would not leak _65..._ into the global table.

  So, you were under the belief that a rather large service
provider, only had one connection to UUNet? How many paths do you,
yourself have into UU? Are they anything > DS3?

Oh, he's got lots of paths to UU...he works for AS701 [1].

[1] I actually have no idea who he works for.

John_Fraizer4 · April 5, 2001, 1:38am

  >+
  >+ As someone mentioned previously this week, many of the folks are posting
  >+ from email addresses that give absolutely no hint at to their employment.

  I didn't know that we were required to post from our "work" email
address, or that we had to share with _you_ where we worked. A lot of us
don't feel like subscribing to _any_ mailing list with our work email, as
we already get enough mail there (I can't speak for you though).

Did I say anything about requirements or anyone sharing employment history
with me? I simply restated a previous observation which is that many list
participants post from someplace other than their work email address.

I got bombarded with emails from people because they ASSUMED that I knew
someone worked for 3967. I didn't.

Do you purpose that everyone now send a email to the list, stating
who they are, where they work at, and what they do? I think not.

I propose that you treat me in the manner in which you expect to be
treated. That is all I propose. The last time I checked, it wasn't
me who pissed in your cereal.

  >+ Had I known he was with Exodus, there would have been no question about
  >+ his having multiple paths into UU. Please forgive me for assuming. I
  >+ also assumed that 209 would not leak _65..._ into the global table.

  So, you were under the belief that a rather large service
provider, only had one connection to UUNet? How many paths do you,
yourself have into UU? Are they anything > DS3?

Did you bother reading the post prior to replying? Is English not your
primary language? Is there some other reason why you don't understand
"Had I known he was with Exodus, there would have been no question about
his having multiple paths..."?

As for paths into 701, we three. All of them > DS3.

Have a nice day Darrin.

Darrin_Walton · April 5, 2001, 2:00am

+ Did I say anything about requirements or anyone sharing employment history

>+ with me? I simply restated a previous observation which is that many list
>+ participants post from someplace other than their work email address.

you whined, basically because you did not know where someone
worked based on there email address. Stop whining, and we won't have this
problem.

>+ I got bombarded with emails from people because they ASSUMED that I knew
>+ someone worked for 3967. I didn't.

Your fault, for making it sound like you did.

  >+ I propose that you treat me in the manner in which you expect to be
  >+ treated. That is all I propose. The last time I checked, it wasn't
  >+ me who pissed in your cereal.

My first email was not one being pissy, or being rude. Why is it
you, who always tries to get people excited, and upset? I say this,
especially because of the paragraph:

  >+ Did you bother reading the post prior to replying? Is English not your
  >+ primary language? Is there some other reason why you don't understand
  >+ "Had I known he was with Exodus, there would have been no question about
  >+ his having multiple paths..."?

Your first question means nothing to me. Its very pointless.

Your second question. I already answered this. Let me try again,
maybe this time you will understand.

Do you honestly think, a company like Exodus would only have one
path to 701? Regardless of who said Exodus did, why would you not believe
it?

>+ As for paths into 701, we three. All of them > DS3.

Quite funny, why do I not see 13944 behind 701? (I mean, I could
go 701 -> 6347 -> 13944, or 6259 -> 13944, but not 701 -> 13944). Is
something wrong on your side?

>+ Have a nice day Darrin.

having a great day, how about yourself?

John_Fraizer4 · April 5, 2001, 2:25am

Do you honestly think, a company like Exodus would only have one
path to 701? Regardless of who said Exodus did, why would you not believe
it?

Did I say I didn't believe it? I said I didn't realize he worked for
exodus. Had I known that, I wouldn't have suggested that if he filters
_701_ from his other connections, he would lose 701 connectivity in the
event that his 701 connection went down.

>+ As for paths into 701, we three. All of them > DS3.

Quite funny, why do I not see 13944 behind 701? (I mean, I could
go 701 -> 6347 -> 13944, or 6259 -> 13944, but not 701 -> 13944). Is
something wrong on your side?

There is nothing wrong on my side. We're not a direct peer of 701. I
never said I did. I do have paths into 701 however. You didn't specify
direct 701_13944.

Darrin_Walton · April 5, 2001, 2:33am

+ Did I say I didn't believe it? I said I didn't realize he worked for

  >+ exodus. Had I known that, I wouldn't have suggested that if he filters
  >+ _701_ from his other connections, he would lose 701 connectivity in the
  >+ event that his 701 connection went down.

Are we done trying to show off our regex skills?

  >+ There is nothing wrong on my side. We're not a direct peer of 701. I
  >+ never said I did. I do have paths into 701 however. You didn't specify
  >+ direct 701_13944.

Maybe you the one who does not understand the English language
very well. Let me show you the original question I asked:

  >$ So, you were under the belief that a rather large service
  >$ provider, only had one connection to UUNet? How many paths do you,
  >$ yourself have into UU? Are they anything > DS3?

Your response:

>+ As for paths into 701, we three. All of them > DS3.

Caught in a lie, and trying to cover our ass now? Did not think people
would remember what was posted, less than an hour ago? How stupid do you
take us for?

I think we can end this thread now. As you can see, you are just making
yourself look worse, than you already do.

Dominic_J_Eidson · April 5, 2001, 2:50am

You do realise it's not John who's being the ass here?

*plonk*

John_Fraizer4 · April 5, 2001, 3:55am

  >$ So, you were under the belief that a rather large service
  >$ provider, only had one connection to UUNet? How many paths do you,
  >$ yourself have into UU? Are they anything > DS3?

Your response:

  >+ As for paths into 701, we three. All of them > DS3.

Caught in a lie, and trying to cover our ass now? Did not think people
would remember what was posted, less than an hour ago? How stupid do you
take us for?

Huh? Lie? You asked how many paths I had into UU. We have transit from
three different sources. We have three paths into 701. All connections
are > DS3. Where is the lie?

John_Fraizer4 · April 5, 2001, 4:01am

  >+ Did I say anything about requirements or anyone sharing employment history
  >+ with me? I simply restated a previous observation which is that many list
  >+ participants post from someplace other than their work email address.

  you whined, basically because you did not know where someone
worked based on there email address. Stop whining, and we won't have this
problem.

Excuse me?

Whined?

Date: Wed, 4 Apr 2001 19:43:37 -0400 (EDT)
From: John Fraizer <nanog@Overkill.EnterZone.Net>
To: troy@clownhammer.org
Cc: Christian Nielsen <cnielsen@nielsen.net>, Travis Pugh
<tpugh@shore.net>, Nanog mailing list <nanog@merit.edu>
Subject: Re: AS Leakage

As someone mentioned previously this week, many of the folks are posting
from email addresses that give absolutely no hint at to their employment.

Had I known he was with Exodus, there would have been no question about
his having multiple paths into UU. Please forgive me for assuming. I
also assumed that 209 would not leak _65..._ into the global table.

---
John Fraizer
EnterZone, Inc

There is no whining. I simply stated that I did not realize that the
individual worked for exodus and that had I known, there would have been
no question about his having multiple paths into UU. As
in: "Wow. Sorry. I didn't realize he worked for Exodus. Obviously they
peer with 701 in multiple locations."

  >+ I got bombarded with emails from people because they ASSUMED that I knew
  >+ someone worked for 3967. I didn't.

  Your fault, for making it sound like you did.

Where is it that I made it sound like I did?

  >+ I propose that you treat me in the manner in which you expect to be
  >+ treated. That is all I propose. The last time I checked, it wasn't
  >+ me who pissed in your cereal.

  My first email was not one being pissy, or being rude. Why is it
you, who always tries to get people excited, and upset? I say this,
especially because of the paragraph:

Your first email was condecending and sarcasm laiden. You don't consider
that being pissy or rude?

  >+ Did you bother reading the post prior to replying? Is English not your
  >+ primary language? Is there some other reason why you don't understand
  >+ "Had I known he was with Exodus, there would have been no question about
  >+ his having multiple paths..."?

  Your first question means nothing to me. Its very pointless.

  Your second question. I already answered this. Let me try again,
maybe this time you will understand.

  Do you honestly think, a company like Exodus would only have one
path to 701? Regardless of who said Exodus did, why would you not believe
it?

How many ways can I say "I didn't realize that Christian was
speaking about Exodus?

Follow along if you will.

On Date: Wed, 4 Apr 2001 09:59:05 -0700 (PDT)
Christian Nielsen <cnielsen@nielsen.net> posted:

"

I take transit from Qwest (209), and had to contact them directly and
open a ticket several weeks ago to get them to stop leaking private
ASNs into my tables. They stopped leaking them to me, but apparently
going the extra step and making sure the leak was filtered everywhere
was too much to ask.

I have a question. Why do you allow Private ASNs into your network? We saw
this once and put in the filters. Same with RFC1918 IPs and default. We
dont care to listen to these from other networks so we filter. We saw 64/8
in our network, we filtered. We saw leaks from RESERVED-IANA blocks, so we
filtered. We saw providers leaking exchange point blocks, so we filtered.
we dont want to see _701_ from sprint or anyone except _701_, so we
filter. we do this for other large providers.

See a problem, filter.

Maybe I should start a company and publish filters since most companies
seem not to have real filters in their network

Christian"

To which I replied:

"That's strange. Your 701 connection goes down and you've filtered any
backup route you had into them. Good thinking."

To which troy@clownhammer.org replied with a list of Exodus<->UU links....

To which I replied:

"As someone mentioned previously this week, many of the folks are posting
from email addresses that give absolutely no hint at to their employment.

Had I known he was with Exodus, there would have been no question about
his having multiple paths into UU. Please forgive me for assuming. I
also assumed that 209 would not leak _65..._ into the global table."

It's real simple. I didn't realize that Christian was speaking as
Exodus when he used the word "We." I stated this and cited another NANOG
post by Sean Doran from Tue, 3 Apr 2001 17:42:09 -0700 (PDT) where he
said:

"P.S.: Isn't it cool that none of us is using an address which in any
way informs a person who didn't already know, who it is that we
work for?"

I _DID_NOT_KNOW_ that Christian worked for Exodus.
I _DID_NOT_KNOW_ that Christian worked for Exodus.
I _DID_NOT_KNOW_ that Christian worked for Exodus.

>+ As for paths into 701, we three. All of them > DS3.

Quite funny, why do I not see 13944 behind 701? (I mean, I could
go 701 -> 6347 -> 13944, or 6259 -> 13944, but not 701 -> 13944). Is
something wrong on your side?

Nothing wrong at all. Congrats on working for a 6461. We all know your
_employer_ has direct peering relationships with 701. You're special.
I'm proud of you. Can I do anything else to boost your ego? Probably
not.

I still like my path into www.uu.net better than yours:

1 main.bungi.com (207.126.97.9) 1.84 ms 1.89 ms 1.67 ms
2 above-gw1.above.net (207.126.96.249) 4.5 ms 3.90 ms 6.48 ms
3 epe2-epe1-fe.sjc1.above.net (209.249.0.206) 11.9 ms 9.99 ms 9.30 ms
4 main2-epe2-fe.sjc1.above.net (64.124.128.13) 6.91 ms 4.33 ms 5.40 ms
5 core5-main2-oc12.sjc1.above.net (209.133.31.189) 3.77 ms 4.9 ms 6.10 ms
6 core3-sjc1-oc48.sjc2.above.net (208.184.102.206) 4.9 ms 4.47 ms 4.14 ms
7 iad1-sjc2-oc48.iad1.above.net (216.200.127.25) 72.5 ms 72.1 ms 72.1 ms
8 core5-core1-oc48.iad1.above.net (208.185.0.146) 72.9 ms 73.8 ms 73.0 ms
9 lga1-iad1-oc192.lga1.above.net (208.184.233.66) 76.8 ms 77.1 ms 76.8 ms
10 core2-lga1-oc192.lga2.above.net (208.185.0.250) 80.4 ms 76.6 ms 149 ms
11 core3-core2-oc48.lga2.above.net (216.200.127.170) 79.6 ms 76.4 ms 76.3 ms
12 uunet-abovenet-oc12.lga2.above.net (208.184.231.246) 121 ms 77.5 ms 77.3 ms
13 526.at-5-0-0.XR2.NYC8.ALTER.NET (152.63.23.78) 80.4 ms 78.7 ms 78.5 ms
14 182.at-2-0-0.TR2.NYC8.ALTER.NET (152.63.19.210) 78.0 ms 146 ms 78.0 ms
15 124.at-6-0-0.TR2.ATL5.ALTER.NET (152.63.0.253) 120 ms 123 ms 123 ms
16 0.so-4-0-0.XR2.ATL5.ALTER.NET (152.63.9.234) 121 ms 121 ms 120 ms
17 192.ATM7-0.SR1.ATL5.ALTER.NET (152.63.81.125) 122 ms 121 ms 237 ms
18 * * *
19 loopback0.msfc1.dr1.atl7.web.uu.net (198.5.128.20) 121 ms 121 ms 121 ms
20 loopback0.msfc1.dr1.atl7.web.uu.net (198.5.128.20) 120 ms !U * 121 ms !U

1 CORE-0-GE-3-1000M.CMH.ENTERZONE.NET (66.35.65.1) 0.550 ms 0.683 ms 0.895 ms
2 64.241.88.6 (64.241.88.6) [6347] 12.375 ms 12.864 ms 12.602 ms
3 atm8-0-093.CR-2.uschcg.savvis.net (64.241.88.65) [6347] 13.240 ms 12.508 ms 12.480 ms
4 500.POS2-1.GW6.CHI6.ALTER.NET (157.130.116.201) [701] 12.316 ms 13.141 ms 11.699 ms
5 117.ATM2-0.XR1.CHI6.ALTER.NET (146.188.209.170) [701] 12.331 ms 12.708 ms 12.619 ms
6 191.at-1-1-0.TR1.CHI4.ALTER.NET (146.188.208.242) [701] 13.622 ms 13.131 ms 12.654 ms
7 106.at-6-1-0.TR1.ATL5.ALTER.NET (146.188.142.33) [701] 64.484 ms 64.417 ms 63.480 ms
8 0.so-4-0-0.XR1.ATL5.ALTER.NET (152.63.9.226) [701] 63.511 ms 63.545 ms 64.432 ms
9 193.ATM5-0.SR1.ATL5.ALTER.NET (152.63.81.113) [701] 64.489 ms 64.268 ms 65.451 ms
10 * * *
11 loopback0.msfc1.dr1.atl7.web.uu.net (198.5.128.20) [11486] 63.762 ms 65.269 ms 65.466 ms
12 loopback0.msfc1.dr1.atl7.web.uu.net (198.5.128.20) [11486] 65.090 ms !X 65.451 ms

$host -l customer.alter.net | grep above
abovenet-tco1.customer.alter.net has address 157.130.38.138
abovenet-tco2.customer.alter.net has address 157.130.38.142
above2-t3-gw.customer.alter.net has address 137.39.252.34
above-gw.customer.alter.net has address 137.39.133.142
abovenet-pao1-gw.customer.alter.net has address 157.130.194.102
above.net-gw.customer.alter.net has address 157.130.138.46
abovenet-tco-gw.customer.alter.net has address 157.130.33.114
abovenet-pao2-gw.customer.alter.net has address 157.130.194.106
abovenetnyc-gw.customer.alter.net has address 157.130.31.46
abovenetchi-gw.customer.alter.net has address 157.130.111.90
abovenet-dca-gw.customer.alter.net has address 157.130.37.254

Wow. Surely out of all those 701 circuits, you could have handed that traffic off to 701 prior to hauling it to New
York first.

I still bow to your obviously superior connectivity. Your _EMPLOYER_ has
more peering agreements in place than _MY_ company has. You win.

>+ Have a nice day Darrin.

having a great day, how about yourself?

It's getting better by the second.

Now that we _hopefully_ both understand how the thread went, can we let
this drop? Better yet. You can say what you like. I'm not replying any
further to you.

Christian_Nielsen2 · April 5, 2001, 4:41am

How many ways can I say "I didn't realize that Christian was speaking
about Exodus?

I try to speak about networks in general. I hope that many people on the
list understand peering and filtering.

For example. If I peer with any provider, from Sprint to the provider
sending me 1 route I will filter _701_ from all of them. I will also
filter _1239_ from _701_ and all other peers. Please be aware, that I used
the term PEER and not Transit provider.

I would filter the RFC1918 from peers and transit providers. I would
filter IANA-RESERVED. I would filter my own IP space (no reason to see
someone else deagg towards me)

People have emailed me privately about filtering and I have given some
examples of filtering.

At the end of Feb, Steve Meuse and I talked about filtering at the LINX
meeting. If people would have followed some of the information given, they
might not have had a problem when an internet provider leaked the linx IP
addresses

! LINX
access-list 1 deny 195.66.224.0
access-list 1 deny 195.66.225.0

Here is the URL if anyone would like to look at some of the filtering
Exodus does

http://www.nielsen.net/people/christian/linx.html

Christian

I _DID_NOT_KNOW_ that Christian worked for Exodus.
I _DID_NOT_KNOW_ that Christian worked for Exodus.
I _DID_NOT_KNOW_ that Christian worked for Exodus.

btw, i still work for Exodus...

Robbie_Harrell · April 5, 2001, 4:10pm

Is there a published list of best practice filters out there?