Using unallocated address space

Sean_M_Doran · February 13, 2001, 3:33pm

Other-Sean writes:

Other than making it difficult for people to figure out WHOIS using that
ASN, "yanking" an ASN's registration has little practical effect. You
can use an un-allocated ASN almost as easily as using an un-allocated
address block.

Well, the hidden point here was that the registries act on behalf
of the communities of ISPs who form the registries' paying customer
base / membership, and there is no particular reason why they could
not alert their membership to "evil doers". What is done with
such an alert is of course up to each individual member/network,
however I imagine several of them would set up filtering, perhaps
including the ones closest to the source of the "evil doing".

Obvious candidates for reportable behaviour include the use
of unregistered prefixes and ASNs.

In the past in the odd case where an addressing registrar
asked for assistance in dealing with such a thing she or he
had discovered, I was happy to provide it.

Sean.

Garlic · February 13, 2001, 4:31pm

It would seem to me that ARIN and its counterparts should get together and
provide a "blackhole" BGP feed (the NBL?) where all packets destined for
unallocated, restricted, or private space go bye-bye.

Stephen_J_Wilcox · February 13, 2001, 4:46pm

Only I drop my unallocated/private packets at my core routers, if you set
up routes to ARIN/whoever then I would transmit out those packets and my
transits would carry them for me if I dont connect directly..

extra traffic all round really. why not just let the core routers bin the
rogue packets? (ip route 0.0.0.0 0.0.0.0 null0)

Steve

Jeffrey_Haas1 · February 13, 2001, 4:53pm

Far better would be for them to provide, say in RPSL format,
route-set objects for all delegations. Then anyone can filter as they
please.

Deepak_Jain · February 13, 2001, 4:58pm

You can configure the BGP feed to set next hop to an unused interface or
null0 or (your hardware's efficient null spot). The idea of BGP feed, if I
am not mistaken, is to allow dynamic configuration/reconfiguration as
blocks are allocated to keep from having to revise hundreds of routers'
filters.

In practice, I am not sure I'd feel comfortable with it, but surely many
would use it.

Deepak Jain
AiNET

Stephen_J_Wilcox · February 13, 2001, 5:21pm

so why bother advertising all these unnecessary blocks increasing the bgp
table size and increasing traffic when you can just add a default route to
null0 as per previous email??

Deepak_Jain · February 13, 2001, 11:29pm

Laziness?

Deepak

Garlic · February 13, 2001, 11:53pm

What would be nice is that there was an offical list of private, unallocated, or
reserved ranges kept somewhere that we could use and generate filters from.

Roy Engehausen

Deepak Jain wrote:

Deepak_Jain · February 13, 2001, 11:56pm

Like someone else's RPSL suggestion which is the best idea I've heard on
the topic.

Deepak Jain
AiNET