[ppml] 2003-5 rwhois/reassignment info

Lee Howard lee.howard at mci.com
Thu May 8 11:36:09 EDT 2003 

Interesting conversation.

In your abuse example, does it change the conversation if SWIPs were not
required for reassignments, but were still required for allocations (i.e.,
to ISPs who further assign to end users)?  I would think that a clueful
end-user should always have the option of listing themselves as POCs.

Lee

On Thu, 8 May 2003 jlewis at lewis.org wrote:

> Date: Thu, 08 May 2003 08:39:14 -0400 (EDT)
> From: jlewis at lewis.org
> To: Einar Bohlin <einar.bohlin at mci.com>
> Cc: ppml at arin.net
> Subject: Re: [ppml] 2003-5 rwhois/reassignment info
> 
> On Wed, 7 May 2003, Einar Bohlin wrote:
> 
> > I understand that there are good faith blacklisters,
> > but if things change for them, I'm sure they could
> > adapt.  If utilization info is public these days solely
> > or primarily for blacklisters, then ISPs have to talk
> > about why utilization info is public.  All this
> > effort by ISPs to create public utilization info is
> > to support blacklisting?
> 
> No...that's just one group that relies heavily on it.  Abuse related 
> issues are the primary reason that comes to my mind though.  Forgetting 
> about DNSBLs for a moment, here are a few more examples supporting public 
> reassignment info.
> 
> Suppose you have some spam or other abuse (hacking/attacking) issue with
> an IP belonging to one of "the big providers"...just for example, we'll
> say UUNet.  Without public reassignment info, you'll have to send your
> complaint to UUNet's (overloaded) abuse address, where it will surely be
> delayed if not discarded.  With public reassignment info, you can send it
> to the smaller ISP customer of UUNet and at least know that the
> appropriate people got it, or perhaps even just call them on the phone.  
> Why hide them behind UUNet?
> 
> Suppose some small network comes to you to buy a redundant connection and
> wants you to propogate a BGP route for their UUNet PA IP space.  Do you
> trust the customer to not lie about their IP space?  Do you call UUNet,
> wade through their phone menus, and try to find someone who will talk to a
> non-customer and verify one of their customer's IP assignments, or would
> you rather just check with whois and see that the space is swipped to the
> customer?
> 
> > That's not going to happen.  The trend is that
> > ISPs are covering their customers, being the POC for
> > reassigned nets.  It makes sense, contacting the cust
> > POC was mostly futile anyway.  And I see that ARIN is
> 
> That depends on the customer.  Lots of smaller nets have no technical 
> people on staff, and so even if you do get through on the phone, they may 
> not understand why you're bothering them.  I would hope that most ISP 
> networks do have technical people on staff and there's no reason to make 
> it harder to contact them.  Would you rather abolish public reassignment 
> entirely and make ARIN the POC for all the address space they allocate?  
> Just send everything to abuse at arin.net and let them sort it out?
> 
> > I'm truly glad we don't have to swip /30s, especially
> > the point to point nets.  But what about the customer
> > who gets the /30 as you say for a firewall/NAT?  Why
> > do they get special anonymity?  Why is the cutoff /29, 
> > and not, for example, /19?  I'm serious.
> > 
> > By the way, APNIC requires swip for /29 and larger nets,
> > just like ARIN, but at APNIC /32 to /30 are optional.
> 
> I'd be real happy with that.  As I said, letting us swip /30's would
> seriously reduce the size and complexity of our additional space requests.  
> In my last one, there were lots of subnets where I had to arbitrarily make
> up a use category.  i.e. there are lots of networks we've marked as
> reserved and then subnetted into /30's for customer connections or
> router/firewall pairs.  Often, these networks include a collection of
> /30's for customers in different cities on different service types.  ARIN
> wants all non-swipped assignments categorized as one of
> dial|isdn|web|leased|dsl|colo|wireless and some other categories that
> never apply to us and I've left out.  How do you categorize a /24 that's a
> mix of /30 backbone router PTP interfaces, customer serial interfaces, and
> router/firewall ethernets for ISDN, DSL, and leased line customers??
> If the answer is, show each assignment individually, then just let us swip 
> them.
> 
> > Right now we do a swip for every net.  What if there
> > was an approved text format, and then you'd be able to mail
> > or web input that for utilization, weekly, monthly or whatever?
> > That's aside from whether the info is public or not.
> 
> They already accept a text format via email.  If you have some automated 
> system that would submit a text format to ARIN, you could just as easily 
> have it generate and submit in the ARIN-REASSIGN-SIMPLE-3.0 format.
> 
> > range from them.  APNIC naturally wants all your swips
> > (inetnums) up to date.  But then very interestingly, they
> > wanted a text file of all reassignments, in a specified
> > format, every single one.  It wasn't that hard to do.
> > But it did make me wonder why we did all the inetnums
> > in the first place.
> 
> Did you ask them why they want you to submit all the info twice (via 
> inetnums and a text file)?  That seems like a waste of time/effort.
> 
> > One last thing, utilization info could always be 
> > public, regardless of the authorized by ARIN
> > method, if the ISP wanted it to be that way.
> 
> All but a few possible exceptions will choose not to unless forced to.  
> Why spend the time and money making the info available if you're not
> required to?
> 
> ----------------------------------------------------------------------
>  Jon Lewis *jlewis at lewis.org*|  I route
>  System Administrator        |  therefore you are
>  Atlantic Net                |  
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>

More information about the ARIN-PPML mailing list