re: in-addr survey

George_Michaelson1 · May 14, 2001, 9:30pm

Hi. I'm new here, I hope I'm not in breach of AUP diving in.

Some time ago (2-3 years?) I discussed how a large mirror site
could use BGP information to modify common log format logging
in apache to dump BGP source-AS information.

The idea was to tag the logline with the AS of the neighbour of
the ISP the mirror was hosted on, so the inbound path could be
determined. Actually, the idea was to do the (much smaller than
exhaustive IP) work to tag things in one of 3 or 4 classes which
could be named:

  on-net # this ISP, or zero-cost equivalents
  domestic# at least I know its onshore
  offshore# came on a slow/long link

Glenn (its aarnet) worked out a simple hack on Zebra to make this
fly.

I didn't deploy it, because first approximation the simple dumps of
IP for on-net and domestic were enough to let me sinbin all the rest
to offshore. Well, I thought so, but history proved me wrong.

Anyway. My point is that BGP is your friend. It should be both cheap
(as cheap as a routing lookup, which for an application writing a log
to disk like apache is cheap, at least compared to DNS lookup) and
very cacheable.

Why don't more applications do this?

Why is this not viable for implementing things like on/offshore applications
policy, egregiously wrong though it may be from a libertarian aspect?

cheers
-George

Peter_Galbavy · May 15, 2001, 12:55pm

Glenn (its aarnet) worked out a simple hack on Zebra to make this
fly.

Got 50% through a similar hack here. Never needed it in the end, and
gave up.

I didn't deploy it, because first approximation the simple dumps of
IP for on-net and domestic were enough to let me sinbin all the rest
to offshore. Well, I thought so, but history proved me wrong.

For those of us not in North America, the need is actually far greater
on occasion.

Anyway. My point is that BGP is your friend. It should be both cheap
(as cheap as a routing lookup, which for an application writing a log
to disk like apache is cheap, at least compared to DNS lookup) and
very cacheable.

Why don't more applications do this?

Because the people doing one thing don't usually speak to people doing
the other. Unless some behemothic (is that a word ?) company like Cisco
(only as a bad example - they do hare some stuff) doesn't invent it's
own protocol that is patentable, then there will be no standard to copy.
Innovation in this arena is pretty much dead it seems.

BTW I can actually see that the use of BGP for access control and
logging application access would be the subject of a patent application
by the greedy, I hope people can recall prior art in the future.

Peter