[arin-ppml] How bad is it really?

[michael.dillon at bt.com]

> Technically this is fraud and should be reported to hostmaster at arin.net

It is not fraud, it is sloppy record keeping.

I have worked for several large telcos over the years and every single one
of them had serious problems with slack (or non-existent) decommissioning 
processes. One company that I worked for 10 years ago, did an audit and 
discovered that they were paying $2 million dollars per month for tail
circuits which had been disconnected, sometimes for years. Most of them
were still plugged into router ports which may have made it easier to
identify them. The big question was whether or not there were other tail
circuits that were just dangling from a patch panel after the router port 
had been reused.

While you can generally make a business case for running an audit every year
or two to mop up these decommissioning oversights, these audits often do
not extend to cleaning up all the records, especially not IP address records

If there are any IP address records.

A lot of ISPs, even very big ones, rely far too much on spreadsheets for
this, even when they have commercial IP Address Management tools in place
for their DHCP-related customers. Meanwhile, Fred in engineering has a
spreadsheet that collects errors and oversights and eventually gets lost
when Fred retires.

We really should force large providers to run their own whois directory
rather than SWIPing transactions into ARIN. There could be some sort of
mirroring protocol for ARIN to keep in sync every week or so. This would
be more likely to be connected to a live OSS/BSS system that has up to
date data.

--Michael Dillon