Except for the email on ARIN’s details, does anyone else have a contact for the DoD?
We are experiencing a situation with a 3rd party (direct peer), wanting to advertise DoD address space to us, and we need to confirm whether they are allowed to do so or not.
Range in question is the 22.0.0.0/8 network, which according to ARIN is actively assigned to the DoD (US).
> Except for the email on ARIN's details, does anyone else have a contact for
> the DoD?
> We are experiencing a situation with a 3rd party (direct peer), wanting to
> advertise DoD address space to us, and we need to confirm whether they are
> allowed to do so or not.
> Range in question is the 22.0.0.0/8 network, which according to ARIN is
> actively assigned to the DoD (US).
There is no route inside this /8:
> show route primary where net ~ [ 22.0.0.0/8+ ]
>
It’s directly assigned space, I can’t find any reference anywhere about subnets within that space that have been re-assigned, or that are in use by anyone else.
> We are experiencing a situation with a 3rd party (direct peer),
> wanting to advertise DoD address space to us, and we need to confirm
> whether they are allowed to do so or not.
The US military lacks money and sold parts of 22/8, like the radio
amateurs? Apparently, no part of it ever appeared on the Internet.
Yeah, check with the DoD NIC 100% of the time. Probably a pretty safe bet that unless they are a US government agency, they’re not authorized.
For anyone who did not attend NANOG last week, representatives from NCIS and the FBI reminded the audience in no uncertain terms that “industry standard squat space” does not exist. If you’re ‘borrowing’ DoD space, hope you don’t get caught doing so.
> Except for the email on ARIN's details, does anyone else have a contact for
> the DoD?
> We are experiencing a situation with a 3rd party (direct peer), wanting to
> advertise DoD address space to us, and we need to confirm whether they are
> allowed to do so or not.
A signed ROA would be strong attestation. Anything else is
suspect.
> Range in question is the 22.0.0.0/8 network, which according to ARIN is
> actively assigned to the DoD (US).
Of timely reference was this presentation from last Monday
by some USG folks who have a keen interest in address
hijacking. Unfortunately not recorded, but slide 11 has
some interested parties and points of contact.
Thank you very much for all the information, suggestions, and feedback.
We have been contacted by the NCIS now, and will be discussing the matter further with them.
I don’t think I’m comfortable, or feel it is justified, to discuss this matter further publicly. I now find myself in the absolute last situation I wanted to be in.
That sounds like someone is squatting on DoD IP space, likely for something like CGN and (hopefully inadvertently) wanting to advertise it to you.
This thread got me to wondering, is there any legitimate reason to see 22/8 on the public Internet? Or would it be okay to treat 22/8 like a Bogon and drop it at the network edge?
My routing experience has been to treat these as bogons unless you really need to be routing DoD space which is not so common. A lot of entities have used this space to carry their b.s…
Given the transfer market for IPv4 addresses, the spot price for IPv4 addresses, and the need of even governments to find “free” (as in unconstrained) money, I’d think treating any legacy /8 as a bogon would not be prudent.
Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn’t be treated as one.
The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.
In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.
Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggests that allocated address space should not be blocked by others without specific cause.
Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and yet is inexplicably unreachable for some destinations.
I believe the DoD space might be a bit of a difficult one, because (correct me if I am wrong here) due to it being so massive and unused for so long, certain large corporations that have run out of RFC1918, etc. space have started using it internally.
So my take on it is, don’t consider it as a bogon from your upstreams, but maybe have some questions if your downstream is attempting to announce it as they are somewhat unlikely to be the DoD.
But if you do this, make sure you keep track of where you might have put policies like this in, in case the DoD sells some of the space or whatever in the future.
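
The import policy the thread converges on, combined with the ROA check suggested earlier, as an added example that is not part of any poster's message: true bogons are rejected, RFC 6811 origin validation decides where a ROA covers the prefix, and allocated-but-unadvertised space such as 22/8 is held for confirmation only when a peer or customer originates it. The watchlist, the session labels, the decision strings and the sample ROA are assumptions made for illustration.

```python
import ipaddress

# Special-purpose space (subset of RFC 1918 / 5735 / 6598): never accepted.
BOGONS = [ipaddress.IPv4Network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]

# Allocated but unadvertised space: not a bogon, but worth a question when a
# peer or customer originates it (assumed local policy list, keep it tracked).
WATCHLIST = [ipaddress.IPv4Network("22.0.0.0/8")]

def rov_state(prefix, origin_asn, roas):
    """RFC 6811 origin validation against (prefix, max_len, asn) ROA tuples."""
    covered = False
    for roa_prefix, max_len, roa_asn in roas:
        if prefix.subnet_of(ipaddress.IPv4Network(roa_prefix)):
            covered = True
            if prefix.prefixlen <= max_len and origin_asn == roa_asn:
                return "valid"
    # Covered by a ROA but no match on length/origin is invalid, not unknown.
    return "invalid" if covered else "not-found"

def evaluate(prefix_str, origin_asn, session, roas):
    """Import decision; session is 'upstream', 'peer' or 'customer'."""
    prefix = ipaddress.IPv4Network(prefix_str)
    if any(prefix.overlaps(b) for b in BOGONS):
        return "reject: bogon"
    state = rov_state(prefix, origin_asn, roas)
    if state == "invalid":
        return "reject: rpki-invalid"
    if state == "valid":
        return "accept: rpki-valid"
    if session != "upstream" and any(prefix.subnet_of(w) for w in WATCHLIST):
        return "hold: confirm with registrant"
    return "accept: rpki-not-found"

# Constructed ROA for illustration only; it does not describe any real ROA.
# AS64500 and AS64501 are documentation ASNs (RFC 5398).
SAMPLE_ROAS = [("22.0.0.0/8", 16, 64500)]

if __name__ == "__main__":
    for args in [("22.1.0.0/16", 64500, "peer", []),
                 ("22.1.0.0/16", 64500, "upstream", []),
                 ("22.1.0.0/16", 64500, "peer", SAMPLE_ROAS),
                 ("22.1.0.0/16", 64501, "peer", SAMPLE_ROAS),
                 ("10.1.0.0/16", 64500, "customer", [])]:
        print(args[:3], "->", evaluate(*args))
```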