[ppml] 2003-5 rwhois/reassignment info

Einar Bohlin einar.bohlin at mci.com
Wed May 7 14:43:24 EDT 2003 

I understand that there are good faith blacklisters,
but if things change for them, I'm sure they could
adapt.  If utilization info is public these days solely
or primarily for blacklisters, then ISPs have to talk
about why utilization info is public.  All this
effort by ISPs to create public utilization info is
to support blacklisting?

> If anything, I'd like to see more requirements (or enforcement...not that
> ARIN seems to have any teeth) for publicly available reassignment data.

That's not going to happen.  The trend is that
ISPs are covering their customers, being the POC for
reassigned nets.  It makes sense, contacting the cust
POC was mostly futile anyway.  And I see that ARIN is
cracking down on detailed reassignments, requiring
them to have admin and tech POC; that crackdown 
is a clear push towards using simples.

> We have lots of customers using /30's.  The most common uses for /30's on
> our network are point to point connections and customers with firewalls,
> where the firewall and their internet router are the only public IPs they
> need.

I'm truly glad we don't have to swip /30s, especially
the point to point nets.  But what about the customer
who gets the /30 as you say for a firewall/NAT?  Why
do they get special anonymity?  Why is the cutoff /29, 
and not, for example, /19?  I'm serious.

By the way, APNIC requires swip for /29 and larger nets,
just like ARIN, but at APNIC /32 to /30 are optional.

Right now we do a swip for every net.  What if there
was an approved text format, and then you'd be able to mail
or web input that for utilization, weekly, monthly or whatever?
That's aside from whether the info is public or not.

Text file?  I've recently started working with the great 
staff at APNIC and went through the process and got a new
range from them.  APNIC naturally wants all your swips
(inetnums) up to date.  But then very interestingly, they
wanted a text file of all reassignments, in a specified
format, every single one.  It wasn't that hard to do.
But it did make me wonder why we did all the inetnums
in the first place.

Back to the multihoming issue... When a customer
needs a net for multihoming with another ISP, then
the customer should have an ORG record at ARIN with
their ASN attached to it.  Maybe this is the case
where we'd still publicly swip the net to the
customer so the net can be verified as having
been assigned to them.  But the ISP wouldn't be
making an ORG record, it'd already be there, created
by the customer.  We just be putting the net
on it.

One last thing, utilization info could always be 
public, regardless of the authorized by ARIN
method, if the ISP wanted it to be that way.

Regards,

Einar Bohlin, IP Analyst
IP Team - Ashburn Virginia - MCI/UUNET
Phone: 703 886-7362 (VNET 806-7362)
email: einar.bohlin at mci.com





On Tue, 6 May 2003 jlewis at lewis.org wrote:

> On Tue, 6 May 2003, Einar Bohlin wrote:
> 
> > And without a specific POC for a reassignment, 
> > why does utilization info need to be publicly visible any
> > more?  It seems to me the POC was for the public, and it'll
> 
> > Who needs to see utilization info?
> > ----------------------------------
> > 
> > Blacklisters and anti-spam unsolicited mail generators.
> > No comment.  
> 
> Then I will. :)
> Public reassignment data allows others (whether it's central dnsbl 
> maintainers or individual ISPs or end users) to handle abuse issues when 
> the spammer's provider does not.  If a provider chooses to host spammers, 
> it's nice to be able to see via whois that the spammer has a /24, /25, 
> etc. and know that blocking that space will reduce your received spam 
> with no collateral damage rather than do a whois query and find that the 
> IP is part of a /8, /16, etc. assigned to some "big provider" and then 
> have to do additional work to figure out or just guess how much space the 
> spammer has.
> 
> Removing whatever requirements we currently have for public reassignment 
> data will just make it that much easier for spammers to hide inside large 
> providers.  i.e. we'll all get more spam.
> 
> If anything, I'd like to see more requirements (or enforcement...not that
> ARIN seems to have any teeth) for publicly available reassignment data.
> 
> > Question:
> > Why is the swip cutoff at /29?  Has anyone had to deal
> > with savvy customers coming in repeatedly for /30s?
> 
> We have lots of customers using /30's.  The most common uses for /30's on 
> our network are point to point connections and customers with firewalls, 
> where the firewall and their internet router are the only public IPs they 
> need.  Being able to swip /30's would make additional space applications 
> shorter.  It might seriously increase the amount of data in ARIN's 
> database though...I'd wild guess it might double or more the amount of 
> data.
> 
> ----------------------------------------------------------------------
>  Jon Lewis *jlewis at lewis.org*|  I route
>  System Administrator        |  therefore you are
>  Atlantic Net                |  
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
> 
>

More information about the ARIN-PPML mailing list