[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

[Michel Py]

Hi Keith,

> Keith W. Hare wrote :
> I have not yet seen a complete clear consistent definition of BGP/Route
> hijacking. Such a definition is a prerequisite to defining a meaningful policy. 

I agree.

And in order to have that clear consistent definition of what hijacking is, we also have to define what it is not.
Included, but not limited to :

- Squatting.
- Loitering.
- Some forms of DDOS mitigation.
- Leasing (same as DDOS mitigation, it's technically hijacking with permission).
- Traffic Engineering.
- Traffic Shaping.
- Interception (lawful and not).
- ASN impersonation.
- ASN usurpation.
- AS-PATH manipulations.
- The relation between MPLS and BGP.
- VRFs.

> To me, ARIN’s current practice is a good way of responding to BGP/Route hijacking reports.
> It includes the flexibility, investigation, and communication necessary to identify and
> correct issues. The current practice works by using communication and persuasion. It has
> the advantage that the details are not codified in policy and so can adjust depending on
> the actual details and intent discovered during the investigation.

+1

I trust that ARIN's staff has the necessary training, experience, background, and technical expertise for such practice.
Which unfortunately I can't say the same about some of the participants in the recent debate.

I welcome questions, and I hope ARIN will continue to weigh correctly the assertions of people who have never configured BGP on a production network.

Michel.