Update to weekly routing analysis summary

Lee Howard lhoward at uu.net
Tue Nov 14 18:34:16 EST 2000 

I'll look into it.

Since I work in Install, I'll confess that it's never occurred to me that
someone might try to announce an ASN they didn't own, or propagate an ASN
that wasn't legitmately their customer.  In a current thread on NANOG, 
somebody else pointed out that there's no benefit to it; they real owner
will catch you and make the upstream stop routing.  

Still, it's probably fair to say that I'm too trusting.  A logical question
then is, if a customer is propagating a bogus ASN to me, how would I stop it?  
Do other folks commonly use "AS Martian" access lists?  I'm not even sure
how I would begin to compile such a list.  
for ($asn=1; $asn<65535; $asn++) { if (! &whois($asn)) {push(@martians, $asn);} }      ## bleah

btw, when I say "I" or "me", I mean the guy typing, not the corporate 
entity known as UUNET, a WorldCom Company. 

Lee


On Wed, 15 Nov 2000, Philip Smith wrote:

> Date: Wed, 15 Nov 2000 08:10:52 +1000
> From: Philip Smith <pfs at cisco.com>
> To: Cathy Wittbrodt <cjw at remarque.org>
> Cc: rtma at arin.net
> Subject: Re: Update to weekly routing analysis summary 
> 
> Hi Cathy,
> 
> Thanks, I had hoped it would be useful. I don't want to be ASN policeman, 
> but I thought it would be interesting to look and compare what was being 
> announced versus what was actually registered somewhere. I was really 
> surprised that there were only 4 ASNs < 64511 being announced.
> 
> Now to figure out why ASN 2027 and ASN 5757 are being used on the Internet 
> without any registration information in ARIN's database, or indeed, 
> anywhere else...
> 
> Anyone any ideas, especially Interpacket and UUNET who are respectively 
> routing these two ASes? (When I was on the ISP side of the fence we never 
> routed anything if it wasn't registered somewhere, but maybe these "rules" 
> don't apply anymore...? :)
> 
> philip
> --
> 
> At 10:34 10/11/00 -0800, Cathy Wittbrodt wrote:
> 
> >This is cool Philip, thanks for the update!!!
> >
> >     From: Philip Smith <pfs at cisco.com>
> >     Subject: Update to weekly routing analysis summary
> >     Hi,
> >
> >     This is to inform you of a small modification to my weekly posting to 
> > this
> >     list. The "List of Illegal ASes" in the report has been replaced with 
> > the
> >     "List of Unregistered ASes". Basically this includes the previous 
> > private
> >     AS and reserved AS announcements, but adds to it the list of ASes 
> > announced
> >     for which there is no registration information contained in APNIC, ARIN,
> >     RIPE NCC, or DDN NIC (US Military) databases.
> >
> >     At first run there are three new ASes appearing in this list, in 
> > addition
> >     to the quantity of private ASes being leaked to the Internet. They are
> >     1877, 2027 and 5757.
> >
> >     Any comments or feedback welcome,
> >
> >     best wishes!
> >
> >     philip
> >     --
> >
>

More information about the Rtma mailing list