Whoa; the 3 network?

Maybe I should be sleeping rather than examining BGP tables, but:

whi4#sho ip bgp 3.156.20.0
BGP routing table entry for 3.156.20.0/24, version 449977
Paths: (1 available, best #1, advertised over IBGP)
  7372 701 3561 1221
    207.99.5.196 from 207.99.5.196 (208.210.32.17)
      Origin incomplete, localpref 500, valid, external, best
      Community: 666

traceroute to 3.156.20.1 (3.156.20.1), 30 hops max, 40 byte packets
.
.
5 telstra.SanFrancisco.mci.net (166.48.19.250) 332.535 ms 538.669 ms 365.308 ms
6 Fddi0-0.pad-core1.Sydney.telstra.net (139.130.249.226) 290.266 ms 317.40 ms 290.209 ms
7 Hssi6-0.lon-core1.Melbourne.telstra.net (139.130.249.214) 350.701 ms 339.90 ms 439.199 ms
8 Fddi0-0.lon11.Melbourne.telstra.net (139.130.239.234) 419.291 ms 424.309 ms 283.243 ms
9 power2.lnk.telstra.net (139.130.49.114) 403.623 ms 353.911 ms 307.750 ms
10 203.36.142.146 (203.36.142.146) 348.695 ms 310.482 ms 301.917 ms

[root@newspeer1 /root]# whois 3.0.0.0
General Electric Company (NET-GE-INTERNET)
   One Independence Way
   Princeton, NJ 08540

   Netname: GE-INTERNET
   Netnumber: 3.0.0.0

Funky discovery... question is, why does GE need such massive addr space?

-=asr

I heard that they were planning to SNMP manage all of the light bulbs
that they sell.

Adam Rothschild wrote:

Funky discovery... question is, why does GE need such massive addr space?

-=asr

snip

[root@newspeer1 /root]# whois 3.0.0.0
General Electric Company (NET-GE-INTERNET)
   One Independence Way
   Princeton, NJ 08540

   Netname: GE-INTERNET
   Netnumber: 3.0.0.0

The Princeton address is the same as the old RCA company division that did
DARPA and ARPA gov't contracting, so that address space once belonged to
RCA "in the beginning". I have personal experience in a past life doing
military DARPA work with RCA, nearly twenty years ago, long before they
formed RCA Astro and built communications satellites. This address space
was given to RCA for DARPA work *only* way back then or earlier. RCA was
one of the *first* contractors in the TCP/IP address space, and we worked
on the very first gov't. task at the inception with them. No such work has
been done for years, and there is no reason for RCA/GE to have this address
space anymore.

Perhaps the real issue is - now that RCA was swallowed up years ago by the
mighty GE in a lengthy acquisitions process, and no longer has any
defensible need for this much address space, why do they still have it? It
is damn sure not being used for what it was originally intended, nor is it
being used to anywhere near 80% of its capacity.

I did a casual sequential-countup scripted "ping -a" on a small slice of
3.0.0.0, and found almost no working domains within this address space.

Ever wonder? How can they get away with keeping this much address space
and NOT be using it, when we all jump through hoops to get our own little
blocks of net numbers allocated?

Just challenging the status quo again, (gave up tilting at windmills
because my horse ran away.....)

Randall

Because they are directly responsible for the existence of the Internet.
After all, GE invented the light bulb. If not for that we would have had
no vacuum tubes, thus no transistors, thus no ICs, thus no IMPs, thus no
Internet.

Or maybe its because GE Information Systems ran the largest internet in
the world until the Internet surpassed it in size a couple of years ago.

Or maybe they don't. Why don't you ask them why they need it.

Hi,

In the beginning a lot of Fortune 100 companies were assigned Class 'A'
addresses. In todays world of address shortages, the existence of NAT and
RFC1919 spaces make this hard to justify, but imagine the expense of having
to readdress hundreds of thousands of workstations and hosts.

Few of the original class A holders could rejustify their address
allocations today, but who are we to judge? I was at Boeing during those
days and had access to 20+ class B addresses and a class A (we returned the
'A' :-).

I doubt HP, Xerox, IBM, GE, Mercedes etc want the expense of changing...

John

Randall Pigott wrote:

...
Ever wonder? How can they get away with keeping this much address space
and NOT be using it, when we all jump through hoops to get our own little
blocks of net numbers allocated?

...

A few years ago, I was surveyed by the Internic as to utilization of
space that I owned in a former job. I offered to turn back portions of
the space (several class "B" worth). I was never contacted again.

And a stupid comment, really. No wonder GE no longer wants his services.

Look, gang, the reason to do a public ping is that in the last analysis, GE
only needs public IP addresses for those infrastructure machines that need
public exposure and contact with the public internet. Granted, there are
some exceptions. However, a ping -a should bring up at least every valid
router on their network that sits in front of a firewalled virtual private
network element, plus the firewall host itself. Most everything else sits
behind a firewall. By definition, then, those machines can and should be
proxied for external public internet connections and can use private
network numbers. Those that are not behind the proxy and firewall can keep
their public numbers. Despite transit across segments of the public
internet, as Mr. Bono of GE so rightly pointed out, only the machines
exposed to the public internet need public numbers. The goal here is only
to find publicly pingable IPs in use, not to count all hosts behind firewalls.

So much for the ex-GE contractor. It is apparent that GE had no more use
for his comments than I do, since he is proud to still be able to at least
call himself an ex-GE contractor.

Mr. Bono, on the other hand, did state useful facts. He is a part of GE,
and thus is limited to only pointing out facts that serve GE interests.
What he did not point out is that number of employees <> number of needed
public static IP addresses. First, the majority of GE employees are
blue-collar clock-punchers in factories both in the US and especially
overseas. They are not allowed time by the assembly line supervisors for
internet access even if they did have the knowledge and desire to establish
a permanent presence on the public internet. Second, assume for the moment
that leaves maybe 300,000 or those 1.7 million workers eligible for having
a white collar AND an office AND a desk with a static address PC on it.
How many of these pee cees really have direct exposure to the public
internet and are NOT behind a firewall? The one useful comment Mr. Ex-GE
Contractor came up with is that GE is heavily firewalled. That means less
than 5 percent or so actually see the internet without the blockage of a
firewall. Those 5 percent or less are predominantly small offices with
small one-segment LANs that do not need a firewall and do not justify a
full period private leased line. Of course, back when there *was* a GEIS
doing a viable public dial-in ISP business, all that was different. But no
more. So let's say less than 60,000 static public IPs are needed for the
entire 1.7 million employee GE. That is being generous, BTW.

How then can you justify needing more than a single Class-B, or at most two
or three worldwide? Only if you admit you use it inefficiently. You
cannot convincingly argue that a heavily-firewalled corp needs 100 percent
public IPs behind that proxy firewall. Equally, there is no defensible
position from which to argue that those users cannot be proxied for
virtually all external access from behind that firewall. Sure, if done all
at once this would be a time-intensive renumbering process, but other major
corps have completed renumbering plans within their normal pee cee
workstation refresh cycles and have done so at minimal additional marginal
cost over a 12 to 18 month period. GE should not be so bloated and
ineffective that their IT staff cannot follow the lead of other corps and
do this for the public good.

I challenge GE to say that this is not so, and provide pertinent and
defensible facts and figures to back it up. I believe that if the truth
were know, Jack Kelly and gang are guilty of definitely warehousing
hundreds of thousands and almost certainly millions of unneeded public IP
addresses because they think they can get away with it and for no other
reason. We through ARIN and others should be reallocated this address
space for the public use of our subscribers.

OK, even though the horse ran away long ago, that's a good tilt at a
windmill anyway for ya........Happy Holidays to ALL

Randall

Some people block ICMP, but have a lot of other direct internet access.
This sort of test only gives one an initial set of questions to ask. It
does not answer those questions.

Don't kill the investigator yet.

And of course, this is a moot issue when one is paying for address space.

    --Dean

in the spirit of the holiday season, i apologize for my "stupid
experiment" comment.

>GE is heavily firewalled; i'm not suprised you didn't get any
>answers.

>stupid experiment, really.

And a stupid comment, really. No wonder GE no longer wants his services.

detailed technical discussion that i don't dispute, and probably
agree with, omitted.

I challenge GE to say that this is not so, and provide pertinent and
defensible facts and figures to back it up. I believe that if the truth
were know, Jack Kelly and gang are guilty of definitely warehousing

i think that you mean "Jack Welch".

hundreds of thousands and almost certainly millions of unneeded public IP
addresses because they think they can get away with it and for no other
reason.

i think you have no comprehension of how GE works.

GE has, over a period of years, consolidated their address space into
3 as they become better integrated with the public internet. at one
time, this space was exposed to the public. having been badly burned
by hackers once or twice, GE has moved most, if not all, of this
space behind firewalls; based on conversations i had with some of
the GE R&D systems staff a year or so back, i believe that their
intent is that little, of any, of 3.0.0.0/8 is to be exposed to the
open net; the gateways that i've used in the past use addresses in
192.something as their public face.

so there are probably no technical reasons why GE couldn't just hand
3.0.0.0/8 back -- because of the firewalling; they probably don't
really even need to renumber into 10.0.0.0/8 (and based on my
experience, any effort to renumber the corporation from 3 to 10
would be doomed to failure.). the reasons why the addresses won't be
returned are part of corporate culture, and have to do with the fact
that there is little motivation for GE to hand the old Class A back
-- they aren' t paying for it, and aren't going to in the near
future, and if ARIN tried to charge them for it, it'd just result in
a court case -- GE has very good lawyers on retainer, and lots of
them.

We through ARIN and others should be reallocated this address
space for the public use of our subscribers.

greater good arguments don't cut it with GE management, unless it's
for the greater good of the shareholders.

richard

i think you have no comprehension of how GE works.

Oh, I think a number of people do, and its why some of us have stated,
multiple times, that the current policies are discriminatory and ARE going
to lead to court cases, lawyers, and trouble for ARIN and others who have
and continue to control this process.

GE has, over a period of years, consolidated their address space into
3 as they become better integrated with the public internet. at one
time, this space was exposed to the public. having been badly burned
by hackers once or twice, GE has moved most, if not all, of this
space behind firewalls; based on conversations i had with some of
the GE R&D systems staff a year or so back, i believe that their
intent is that little, of any, of 3.0.0.0/8 is to be exposed to the
open net; the gateways that i've used in the past use addresses in
192.something as their public face.

so there are probably no technical reasons why GE couldn't just hand
3.0.0.0/8 back -- because of the firewalling; they probably don't
really even need to renumber into 10.0.0.0/8 (and based on my
experience, any effort to renumber the corporation from 3 to 10
would be doomed to failure.). the reasons why the addresses won't be
returned are part of corporate culture, and have to do with the fact
that there is little motivation for GE to hand the old Class A back
-- they aren' t paying for it, and aren't going to in the near
future, and if ARIN tried to charge them for it, it'd just result in
a court case -- GE has very good lawyers on retainer, and lots of
them.

> We through ARIN and others should be reallocated this address
> space for the public use of our subscribers.

greater good arguments don't cut it with GE management, unless it's
for the greater good of the shareholders.

richard
--
Richard Welty Chief Internet Engineer, INet Solutions
welty@inet-solutions.net http://www.inet-solutions.net/~welty/
888-311-INET

And THERE lies the problem.

See, ARIN wants to claim that others can't have what GE has. Further, ARIN,
along with the IANA, wants to claim that people should "give back" space
that they are not effeciently using to connect to the Internet - unless, of
course, you're someone like MIT, GE, or PSI.

Hiding 95% of your hosts behind firewalls is fine. But if you're doing
that, you only need 5% of the space you would otherwise need to be
"exposed", and thus on public routable space.

Until ARIN and the IANA come to grips with the FACT that the current and
past policy in fact discriminatorily disadvantages some organizations and
providers while allowing others free run with either new or previous
allocations, the risk of serious legal and social challenges remains high.

ARIN doesn't like this one bit; I'm on the AC, and even with my being on the
"inside" it is difficult to impossible to get the ARIN people to recognize
the problem, say much less do anything about it. The reason, of course, is
political - guess what happens if they DO address it? Lots of people get
upset, and some of them have a lot of money and lawyers.

What's not being paid attention to is that the number of parties who
are being screwed is growing. Sooner or later they will reach critical mass
and form a class looking for redress, and when that happens there will be
trouble.

IANA, with the people there believing they are insulated from any real risk
due to their being technically employees of a publically-funded university,
has an even-more-discriminatory worldview on this.

ARIN and/or the IANA are eventually going to tangle with someone who has both
lawyers and money, and comes to the conclusion that both they *AND THE
CORPORATIONS WHO HAVE BENEFITTED FROM THE DISCRIMINATORY BEHAVIOR* make nice,
fat, juicy targets for some legal action.

IMHO, that organization will be proven correct.

It is critically important to the operational stability of the Internet that
this problem is addressed BEFORE someone files a $100M lawsuit and names
some of the world's largest backbone providers and corporations, along with
ARIN and the IANA, as defendants over this issue.

Both ARIN and the IANA would have to fold in the face of such a challenge.
Now we have *NO* delegation path available, and the likely result would be
chaos.

And gets an order from some clueless judge to pick up all of their
equipment for inspection.

<sigh>

Cheers,
-- jr 'adolescence is hell...' a

Or the military decides we've all gone to far with their toy and nukes us!

randy

% The Princeton address is the same as the old RCA company division
% that did DARPA and ARPA gov't contracting, so that address space
% once belonged to RCA "in the beginning".

  False statement and faulty logic. GE merely changed the address
for the GE folks handling their network address to be the office
in Princeton.

  Net 3 has always been GE address space, even before GE repurchased
RCA during the 80s. In fact, for many years the Net 3 entry at
the SRI NIC pointed to a GE Simulation facility in Florida
because someone there was the address allocation stuckee for
all of GE.

% I have personal experience in a past life doing military DARPA work
% with RCA, nearly twenty years ago, long before they formed RCA Astro
% and built communications satellites. This address space was given
% to RCA for DARPA work *only* way back then or earlier.

  RCA might have been given address space back then, but it wasn't
Net 3. In the early 80s, when RCA was not owned by GE, GE had
already been alloated Net 3 by the SRI NIC. I was a GE employee
at the time and involved in renumbering some internal networks
into Net 3 at the time.

% I did a casual sequential-countup scripted "ping -a" on a small slice
% of 3.0.0.0, and found almost no working domains within this address
% space.
[stuff deleted here]

-- End of excerpt from Randall Pigott

  Ping turns out to be a remarkably ineffective tool at measuring
the utilisation of addresses or accessibility of hosts.

  Many a host that I've managed was not visible via ping, but was
in fact directly on The Internet and reachable via telnet/rlogin/ftp
_only from authorised hosts_ which were also on the Internet.
Connection attempts from unauthorised hosts were silently dropped.
No point in making it easy on the bad guys. This was done within
some parts of GE at least as far back as the mid 1980s. It helped
to have a 4.2 BSD source license.

Ran
rja@home.net

PS: Apologies for posting content onto the NANOG list...

hi ran - let's take this off the group and onto private email, ok?

False statement and faulty logic. GE merely changed the address
for the GE folks handling their network address to be the office
in Princeton.

Net 3 has always been GE address space, even before GE repurchased
RCA during the 80s. In fact, for many years the Net 3 entry at
the SRI NIC pointed to a GE Simulation facility in Florida
because someone there was the address allocation stuckee for
all of GE.

and where did it point even father back when the address space was defined
by the darpa host table, updated by crude non-deterministic scripts?

RCA might have been given address space back then, but it wasn't
Net 3. In the early 80s, when RCA was not owned by GE, GE had
already been alloated Net 3 by the SRI NIC. I was a GE employee
at the time and involved in renumbering some internal networks
into Net 3 at the time.

you neglected to include the history of the 3 space *before* it was
transferred to ge. or the contract task win by ge and the various task
rebadgings and reallocations over the research years. ge lost the
follow-on but *kept* net 3. my statements still stand as accurate, to the
best of my rapidly-decaying memory age is getting less kind every
day............

look, the whole point of this orig reply was to set the thread off onto a
productive course of discussion on how and why to use public ip numbers
more efficiently that having dozens of /8 blocks out there apparently with
lame allocation or inefficient use. if that got network operators talking
about using nat to provide more efficient enterprise networks and then
apply those techniques in relevant ways to our own network architectures,
then i was successful. that was the only point. whether it was ge or
xyzzy is *not* the point. (be sure to leave column 7 blank on the coding
form for a single-line entry - or was that column 6?

there could be well over 10 to 15 billion ip addresses right now being
hogged whose use cannot be defended against the greater need of other
public network operators. this is itself a corporate theft-of-service,
more white-collar and passive a danger to the growth of the internet than
spammers but certainly no less an odious crime. combos of nat between
rfc1918 hosts inter-firewall and private numbering within the vpn can
provide good service to a ge or other wasteful /8 delegees with enterprise
networks, with *only* a few classful b's and still provide a good level of
security - maybe even better security in some respects.

it is irrelevant to the argument whether one uses ping only because it was
not worth more than two minutes of one's time, or if one works more in
depth and spends more time with sh ip bgp or looking glass tools. i was
not seeking to perform an in-depth quantitative analysis, and most readers
knew that. everyone knows few public hosts still have icmp enabled in
these new and scary times.

the point remains - this issue of wasteful and indefensible ip hoarding by
legacy delegees needs spading to get the worms and parasites exposed to the
sunlight and fresh air. that the hoarders are large corporations is no
excuse, in fact it makes their waste and abuse even less tolerable. that
issue *is* relevant, and discussion of network architectures to more
efficiently use ip number resources is very much on-topic to nanog.

now, let's give randy bush a break and take any more p*ssing about ge vs.
rca to private mail, ok? nanog subscribers have too much to read
without learning the history of gov't contracting 101 on the
listserv..................

happy new year, everyone!

randall

GE was the original party that was allocated Net 3,
directly back when IP began. Your statements to
the contrary were inaccurate.

Regards,

Ran