This is not new, or even an increasing trend.
I used to contact between 80 and 100 different NOCs every six months. I
would call every NOC contact phone number, and ask them to confirm it
was the correct phone number. Its amazing how many NOC's didn't know
their own number. And when I told them what number I had dialed, didn't
know that number was connected to their NOC.
The phone number churn was a consistent 30%, even with contact information
exchanged in accordance with written peer agreements. Every six months
it would take me almost a week to reach 90 or so NOCs, and get the
current contact information. In the case of a couple of NOCs, in three
years I was never able to reach anyone at the NOC willing to confirm
the information.
I used to post the results of my "drill" on NANOG.
IOPS set up a contact list for its members, and for a while was doing
monthly drills. But since IOPS's keeps it a secret, I don't know how
successful they've been.
About two years ago, I proposed to all major providers we set up a set
of permanent, private communication links between all the NOCs. The "phone
number" would be your ASN(s). The system would be based on the same
technology used by the NAWAS and NTA. Which lets you set up an instant
conferences. I can set up the system so those providers who want to
talk in "private," have conferences as small as two parties or as large
as everyone on the network, while monitoring multiple circuits at
the same time.
10 providers thought it was a good idea, but the two largest providers
never responded to any inquiries.
I can bring the idea out of mothballs again, if folks are interested.
It's infuriating that the xenophobia and paranoia of the tier1s is such a
roadblock to keeping networks running smoothly. Try to contact them when
one of their colo's is flooding the net with attacks and the usual
response is something along the lines of a hermit crab retreating into its
shell.
The only thing harder than getting a tier1 to turn off their smurf amps is
getting the US military to turn off their smurf amps. Public tax dollars
being used to ddos the private sector. Mmmmmm gives you such a warm fuzzy
feeling...
It'd be nice to start a standard facility for noc communication.
Even better if active membership would become important enough to be a
major factor for circuit purchasing...
Sigh, one can dream...
-Dan
Sean Donelan wrote:
I can bring the idea out of mothballs again, if folks are interested.
I'd love to have access to the info. The question becomes how widely you
want to distribute the list. At one end of the spectrum is a list shared
only by Tier-1's and perhaps the admins at the largest of the smaller ISPs
and NSPs. At the other end is Jared Mauch's publically-accessible list.
Another thought - I don't advocate lots of government involvement in the
Internet arena, but perhaps it's time that our Congresscritters demanded
that these big companies talk to each other. Those big guys want us to think
that Internet transit is as reliable as dialtone.[0] It won't be as long as
they continue to make it difficult to stop attacks...
It is, but this issues keeps getting hashed and rehashed here, and
absolutely nothing ever happens about it. Without buy-in from "people that
matter" all of these endless discussions are simply more grist for the
mill.
It gets even worse when said providers are sometimes recalcitrant or
outright refuse to help even their paying customers to mitigate and/or
trace attacks.
One large provider of hosting services who shall remain nameless in
the hopes they will become more helpful through private discussion
recently told one of my clients that placing RFC-1918 filters within their
borders(the client was being DDOS'd in part from machines within that
providers network) was "against policy" and they wouldn't do it.
I shudder to think what they tell non-customers(if they even talk to them
at all.)