<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; ">
<div>
<div>
<div>Purely personal opinion here buuuuut…..</div>
<div><br>
</div>
<div>Sounds shady and like they're using you (by purchasing a tiny pipe for such an enormous range) to legitimize their ownership by attempting to establish a history of network advertisement. Once that's established and the backend chain of custody is cleaned
up (helped along by their "use" of the space through you) they'll flip (sell) the address space. Unless you're that hard up for customers (and this is super tiny) I'd stay as far away from them as you can.</div>
<div>
<div>
<div>-- </div>
<div>Jesse D. Geddis</div>
</div>
<div>LA Broadband LLC</div>
<div><br>
</div>
</div>
</div>
</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span>Scott Leibrand <<a href="mailto:scottleibrand@gmail.com">scottleibrand@gmail.com</a>><br>
<span style="font-weight:bold">Date: </span>Thursday, May 3, 2012 11:12 AM<br>
<span style="font-weight:bold">To: </span>John Von Essen <<a href="mailto:john@quonix.net">john@quonix.net</a>><br>
<span style="font-weight:bold">Cc: </span>"<a href="mailto:arin-discuss@arin.net">arin-discuss@arin.net</a>" <<a href="mailto:arin-discuss@arin.net">arin-discuss@arin.net</a>><br>
<span style="font-weight:bold">Subject: </span>Re: [arin-discuss] Question about legacy IPv4 and RADB<br>
</div>
<div><br>
</div>
<div>
<div>As I understand it, any paying RADB customer can register route objects for any route they like, as long as no one else has already done so. So I don't think RADB tells you much about the proper holder of a block whose original registrant is now defunct.
<div><br>
</div>
<div>Probably the best thing for organization FOO to do would be to contact ARIN and arrange to update ARIN's records. That may require documenting their chain of custody of X.X.0.0/16 from AAA. It sounds like they've already done so with the Tech POC, so
if it was a legitimate transfer they shouldn't have too much trouble demonstrating that to ARIN and getting all the records updated (and preferably getting the block transferred over to FOO).</div>
<div><br>
</div>
<div>-Scott<br>
<br>
<div class="gmail_quote">On Thu, May 3, 2012 at 10:33 AM, John Von Essen <span dir="ltr">
<<a href="mailto:john@quonix.net" target="_blank">john@quonix.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Not sure if this is the right forum, but something came up with a potential new BGP customer regarding a legacy IP block (1993, pre-Arin) they want to advertise. This new customer is planning to buy internet from us, a 100MB pipe.<br>
<br>
Whenever a customer is advertising a subnet that is not directly issued to them via Arin, we have a process to verify authority before we allow that block to propagate out to our BGP upstreams.<br>
<br>
Since I dont want to get in trouble with the client, the info here is fictitious but represents the situation we need help with. Names/IPs have been replaced.<br>
<br>
Here is the situation:<br>
<br>
1. The IP block (say X.X.0.0/16) our new BGP customer wants to advertise is a 1993 IP block, pre-Arin, it is in the Arin whois database, as well as RA DB.<br>
2. The OrgID (say AAA) for X.X.0.0/16 is defunct, does not exist at all anymore.<br>
3. There are 4 POCs listed for OrgID AAA, 3 of which are defunct and even labeled as bad within Arin whois, the 4th (Tech POC) is valid, and the email address for this POC is completely unrelated to OrgID AAA. This "4th POC" is clearly not associated with OrgID
AAA, but another Organization will call FOO.<br>
<br>
At first glance, when I look at this, I think its a legacy hijacked IP range. Somebody got a hold of the 4th POC in some way and changed it. We DO NOT work with people remotely connected to hijacked IP space, in fact, we use the SpamHaus DROP list and wont
route any of those suspicious IP ranges. This range is not in SpamHaus's DROP list.<br>
<br>
Problem is I am not entirely certain if my assumption is correct because Merits RA DB shows a different story. If I lookup X.X.0.0/16 in Merit's RA DB, the resource looks 100% legit. You dont see any mention of OrgID AAA, no bad POCs, everything in Merit's
DB is related to Org FOO.<br>
<br>
Now, our upstreams all use different mechanisms to verify who has the right to announce certain blocks. Level3 for example uses RA DB, so in Level3's eye's there is nothing wrong here. But if Cogent uses Arin's whois database, then Cogent might refuse it because
it cant be verified or if it is verified its very suspect.<br>
<br>
I dont know what to do here.... All of our other BGP customers have been easy since they all use post-Arin IP space which is very easy to verify, this is the first time we've had a customer try to announce "old" space.<br>
<br>
Any input would be appreciated.<br>
<br>
Thanks<br>
John Von Essen<br>
<br>
______________________________<u></u>_________________<br>
ARIN-Discuss<br>
You are receiving this message because you are subscribed to<br>
the ARIN Discussion Mailing List (<a href="mailto:ARIN-discuss@arin.net" target="_blank">ARIN-discuss@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="http://lists.arin.net/mailman/listinfo/arin-discuss" target="_blank">http://lists.arin.net/mailman/<u></u>listinfo/arin-discuss</a><br>
Please contact <a href="mailto:info@arin.net" target="_blank">info@arin.net</a> if you experience any issues.<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</span>
</body>
</html>