[56548] in North American Network Operators' Group
RE: 69/8...this sucks -- Centralizing filtering..
daemon@ATHENA.MIT.EDU (Todd A. Blank)
Mon Mar 10 17:05:50 2003
Date: Mon, 10 Mar 2003 17:02:16 -0500
From: "Todd A. Blank" <todd.blank@ipoutlet.com>
To: <jlewis@lewis.org>, <eddy+public+spam@noc.everquick.net>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
I continue to agree that moving critical resources (see below) to these
new blocks is the best approach I have seen or heard in the months since
I made the original post. This approach punishes the clueless instead
of the people that already know what the problem is (and have to live
with it every day).
I can't begin to calculate the amount of support time we have burned
contacting the offending networks. I know the cost has been prohibitive
at best.
I have seen this suggestion once before (maybe even by Jon) and I still
think it is the best way things will get resolved quickly.
Maybe we should suggest that ARIN also host some of their stuff on this
block :-)
Todd
IPOutlet LLC
-----Original Message-----
From: jlewis@lewis.org [mailto:jlewis@lewis.org]=20
Sent: Monday, March 10, 2003 12:52 PM
To: E.B. Dreger
Cc: nanog@merit.edu
Subject: RE: 69/8...this sucks -- Centralizing filtering..
On Mon, 10 Mar 2003, E.B. Dreger wrote:
> Now, how can we force that? Sufficient reward for doing so, or
> pain for failure. Evidently "some people can't reach you" isn't
> enough pain, and having full reachability isn't enough reward.
I think the only way that's relatively guaranteed to be effective is to=20
move a critical resource (like the gtld-servers) into new IP blocks when
previously reserved blocks are assigned to RIR's.
I still have a couple hundred thousand IPs to check (I'm going to step
up
the pace and see if I can get through the list today), but I already
have
a list of several hundred IPs in networks that ignore 69/8. The list
includes such networks as NASA, the US DoD, and networks in China,
Russia,
and Poland. Those are just a few that I've done manual whois's for.
I haven't decided yet whether I'll send automated messages to all the=20
broken networks and give them time to respond and fix their filters, or=20
just post them all to NANOG when the list is complete.
Are people interested in seeing the full list (at least the ones I find)
of networks that filter 69/8?
Does Atlantic.Net get an ARIN discount for doing all this leg work? :)
=20
----------------------------------------------------------------------
Jon Lewis *jlewis@lewis.org*| I route
System Administrator | therefore you are
Atlantic Net | =20
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
