[193729] in North American Network Operators' Group
Re: backbones filtering unsanctioned sites
daemon@ATHENA.MIT.EDU (Todd Crane)
Thu Feb 16 23:04:33 2017
X-Original-To: nanog@nanog.org
From: Todd Crane <todd.crane@n5tech.com>
Date: Thu, 16 Feb 2017 21:04:24 -0700
To: NANOG <nanog@nanog.org>
In-Reply-To: <77dda135-b451-9f52-18be-8b5b713090e8@gmail.com>
Errors-To: nanog-bounces@nanog.org
I am not familiar with Cogent=E2=80=99s architecture but why couldn=E2=80=99=
t they just null route the IP address at their edge routers from within =
Spain? I am not a lawyer but from what I understand, since the Spanish =
government has zero say on what goes on outside of their borders, a =
court order that may or may not have been issued is not a legal defense =
for blocking access around the world. Furthermore, I think that this =
should be viewed as a malicious act and not as unfortunate consequence =
or a breach of contract. As far as letting them off the hook because =
they only offer a partial view of the route table, our contract never =
anything about partial views. Force majeure only applies to thing they =
have no control over. For that to apply, the court order, if that=E2=80=99=
s what it was, would have to apply to every jurisdiction in which they =
operate. I am also skeptical of this court order, seeing as Ars was =
unable to independently verify.
Disclaimer:
We used to have Cogent transit and it was the single worst experience I =
have been through in my professional life. Every time I had to deal with =
them, it felt more like what I would dealing with the mobs that control =
much of Russia. Therefore, I am very hesitant to assume even the =
slightest bit of good faith towards them.
> On Feb 16, 2017, at 5:06 PM, Baldur Norddahl =
<baldur.norddahl@gmail.com> wrote:
>=20
> For transit maybe Cogent should have dropped the route, so they did =
not advertize a route to peers that included null routed parts.
>=20
> Den 16/02/2017 kl. 21.52 skrev Jean-Francois Mezei:
>> On 2017-02-16 14:59, Sadiq Saif wrote:
>>=20
>>> =46rom -
>>> =
https://arstechnica.com/tech-policy/2017/02/a-court-order-blocked-pirate-s=
ites-that-werent-supposed-to-be-blocked/
>>=20
>> Many thanks.
>>=20
>> pardon my ignorance here, but question:
>>=20
>> For an outfit such as Cogent which acts not only as a transit =
provider,
>> but also edge provider to large end users, can it easily implement =
such
>> a court order to block only edge interfaces and not to its transit
>> infrastructure?
>>=20
>> (aka: propagate null routes for 104.31.19.30 only to interfaces that
>> lead to end users, but leave core/GBP aspects without the block.)
>>=20
>> Or is BGP and any internal routing protocols so intermingled that it
>> becomes hard to manage such blocks ?
>>=20
>> The difficulty for network to block traffic becomes an important
>> argument when trying to convince governments that blocking should not =
be
>> done. (ex: Qu=C3=A9bec government wanting to block access to gambling =
sites
>> except its own).
>>=20
>=20
