<div dir="ltr"><div>There are many examples... Here is one:</div><div><br></div><div>- Company X hires hosting company Y for hosting service.</div><div>- Company X allows company Y to advertise their IP blocks</div><div>- Years later, company X decides to move to another hosting provider.</div><div>- There is disagreement on the contract terms, agreement length, renewal (or some other caveat of the relationship) clearly Company Y does not want to lose the revenue from company X.</div><div>- Since company Y is losing company X as a customer, they decide to send them a random invoice (justified or not) and say they own them $50k (or whatever amount).</div><div>- Company X says, this is BS, we don't owe this. - matter needs time to get resolved (perhaps even legally)</div><div>- Company X ask company Y to stop advertising their IP blocks because they are now moving to another hosting provider.</div><div>- Company Y says "no, we are not going to fulfill any "support requests" until you pay your invoice" </div><div><br></div><div>Hosting providers have been struggling since there has been so much competition, which breeds these types of behavior. </div><div><br></div><div>Regardless of disagreements of any kind, an AS should not continue to advertise another's IP blocks if the owner does not want them to. </div><div><br></div><div>Again, this is just one example. </div><div><br></div><div>In this scenario, ARIN could facilitate with a process by notifying company Y that they are in violation, as well as report to their peering AS's. It is very helpful to have a simple mechanism in place.</div><div><br></div><div>Andrew</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, May 3, 2019 at 11:24 AM Keith W. Hare <<a href="mailto:Keith@jcc.com">Keith@jcc.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-US">
<div class="gmail-m_3582655009606134523WordSection1">
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Andrew,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">So far, I have seen lots of discussion of the issue but I have not seen a single concise coherent complete definition of the BGP hijacking problem that includes:<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">What technical mechanisms are used to create a BGP hijack<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">How BGP hijacking is initiated<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Why BGP hijacking is possible<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">The frequency of BGP hijacking instances<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">How long BGP hijacking instances last<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">The locations of BGP hijacking instances<u></u><u></u></span></p>
<p class="gmail-m_3582655009606134523MsoListParagraph"><u></u><span style="font-size:11pt;font-family:Symbol;color:rgb(31,73,125)"><span>·<span style="font:7pt "Times New Roman"">
</span></span></span><u></u><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">How information about BGP hijacking instances can be gathered<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Without a really clear definition of the problem, it is hard to evaluate the effectiveness of the proposed process.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">So far, it is not at all clear to me how the process described in proposal 266 will have any effect on the problem, but that may be because I do not fully understand
the problem.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Keith<u></u><u></u></span></p>
<p class="MsoNormal"><a name="m_3582655009606134523__MailEndCompose"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></a></p>
<p class="MsoNormal"><b><span style="font-size:11pt;font-family:Calibri,sans-serif">From:</span></b><span style="font-size:11pt;font-family:Calibri,sans-serif"> ARIN-PPML [mailto:<a href="mailto:arin-ppml-bounces@arin.net" target="_blank">arin-ppml-bounces@arin.net</a>]
<b>On Behalf Of </b>Andrew Bagrin<br>
<b>Sent:</b> Friday, May 3, 2019 10:05 AM<br>
<b>To:</b> Marilson Mapa <<a href="mailto:marilson.mapa@gmail.com" target="_blank">marilson.mapa@gmail.com</a>><br>
<b>Cc:</b> <a href="mailto:arin-ppml@arin.net" target="_blank">arin-ppml@arin.net</a><br>
<b>Subject:</b> Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation<u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">I'm curious why do people not want to let ARIN try to start getting involved to help resolve the issue of hijacking?<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Are you doing hijacking and don't want interference?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Are you running a competitive service that you charge for?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Does anyone believe there is a valid reason to hijack and advertise IP space that you do not own? (when the owner of that space does not want you to advertise it)<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Why would anyone be against ARIN having a process to help resolve these issues? Sure we can question how effective it will be, but anything will be more effective than nothing, and by actually doing, failing and learning, ARIN will only
improve and refine the process. We will all learn from this.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
</div>
</div>
</blockquote></div></div>