[182520] in North American Network Operators' Group
Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last
daemon@ATHENA.MIT.EDU (Colin Johnston)
Mon Jul 20 15:18:54 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <13446.1437418638@turing-police.cc.vt.edu>
From: Colin Johnston <colinj@gt86car.org.uk>
Date: Mon, 20 Jul 2015 20:18:46 +0100
To: "Valdis.Kletnieks@vt.edu" <Valdis.Kletnieks@vt.edu>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
in war you take information at face value and use it if needed to mitigate r=
isk, if there is legit traffic in blocked ranges then excemption procedure i=
n place to unblock.
colin
Sent from my iPhone
> On 20 Jul 2015, at 19:57, Valdis.Kletnieks@vt.edu wrote:
>=20
> On Mon, 20 Jul 2015 19:42:39 +0100, Colin Johnston said:
>> see below for china ranges I believe, ipv4 and ipv6
>=20
> You may believe... but are you *sure*? (Over the years, we've seen
> *lots* of "block China" lists that accidentally block chunks allocated
> to Taiwan or Australia or other Pacific Rim destinations).
>=20
> And remember - asking the NIC doesn't help, because there are almost
> certainly blocks allocated that the registration points to Korea or
> someplace, but the provider routes a sub-block to China. And let's
> not even get started on blocks allocated by ARIN or RIPE....
>=20
> (Yes, it *was* a trick question :)
>=20
