[ppml] Bogons etc...

Ian Baker ibaker at codecutters.org
Wed Jan 21 09:27:54 EST 2004 

----- Original Message ----- 
From: "McBurnett, Jim" <jmcburnett at msmgmt.com>
To: "Ian Baker" <ibaker at codecutters.org>; <ppml at arin.net>
Sent: Wednesday, January 21, 2004 1:57 PM
Subject: RE: [ppml] Bogons etc...

>->
>->The thought certainly crossed my mind, but the overall
>->programme would still
>->need funding (hence the thought about fines). The situation
>->would probably
>->be even worse for people like LACNIC & APNIC, who are that
>->much smaller.
>->
>->Remember - there's also a complete grievance and appeals
>->procedure to fund
>->(a gigantic ISP might be unhappy at being taken offline from a single
>->mistake by a contractor; as might their customers!)
>->
>->The principle's great, but.. lots of details that need to function
>->consistently, the world over.

>let's talk about this for a second:
>What does TEAM CYMRU do?
>Can it be scaleable?
>If 4 volenteers do it now and keep it going, why would you need more than
>2 full timers? Ya know so #1 can go on vacation?

It's a few more than four volunteers.. might not take many people (for
updates - I suspect that a rationalization of current data might take a
little more work). Heck, I even have something that could probably be
adapted to do it.. might be interesting to see how many empty blocks there
are if one includes micro-allocations.

>And does it even need to be full timers?
>ARIN has a website, and a network, can the net admin do BGP?
>How would it take a whole ISP offline? IE can you really see 12.0.0.0/8
added as a
>bogon? (Sorry AT&T, it was the first IP block I could think of)

Possibly - it depends on how "harsh" the rules are. Do we let off large ISPs
(all of those Trojaned home weenies) and hammer small companies? Hmm.

Probably just my reaction to some of the badly-worded laws that have been
appearing in the UK just recently (e.g. when they banned mobile phone
handset use in cars, did they /really/ intend to fine drivers that lock the
phone in the glovebox? The law reads that way.. and has apparently already
been applied. If you believe what you read in the papers)

>Details, well maybe this should be a thought for the ARIN meeting?
>Or maybe the wishful dinner conversation?
>Or maybe a thought and RFC from the IETF?

Here's what I have at the moment:

o We have a technical observation that could potentially have a noticeable
benefit to the Internet community as a whole

o We're not yet sure what size of list we would need to implement (I might
be able to help there, when I get time. GeoLyse lists about 1.9 million
allocated blocks worldwide - the next time I do a rebuild, I'll see if I can
write something that checks for gaps)

o While it's not possible to define revenue-neutral funding requirements
without knowing the size of the problem, it might be worth discussing
possible mechanisms

o (Possibly the bit where we're taking different views on the proposal) do
we limit the list to specific unallocated blocks, or include "leakage" of
invalid/reserved/private traffic from allocated blocks? There are potential
legal and financial implications for ARIN members.

o There needs to be some form of "punishment" for people who violate. This
has to be legally watertight, to prevent any loss-of-revenue lawsuits in the
event of erroneous blocking.

o If it's to work, then it needs to be world-wide (which implies an RFC, in
my view)

o Discuss..


Regards,

Ian Baker
Webmaster, codecutters.org

More information about the ARIN-PPML mailing list