[95904] in North American Network Operators' Group
RE: Abuse procedures... Reality Checks
daemon@ATHENA.MIT.EDU (Frank Bulk)
Mon Apr 9 17:17:33 2007
Reply-To: <frnkblk@iname.com>
From: "Frank Bulk" <frnkblk@iname.com>
To: <nanog@merit.edu>
Date: Mon, 9 Apr 2007 16:01:20 -0500
In-Reply-To: <461AA50E.5080607@templin.org>
Errors-To: owner-nanog@merit.edu
That's been my entire point. Network operators who properly SWIP don't get
credit for going through the legwork by other networks that apply
quasi-arbitrary bit masks to their blocks.
As I said before, if you're going to block a /24, why not do it right and
block *all* the IPs in their ASN? My DSL and cable modem subscribers are
spread across a dozen non-contiguous /24s. If the bothered network is upset
with one of my cable modem subs and blocks just one /24 they will open
themselves up when that CPE obtains a new IP in a different /24.
Frank
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Pete
Templin
Sent: Monday, April 09, 2007 3:42 PM
To: Chris Owen
Cc: nanog@merit.edu
Subject: Re: Abuse procedures... Reality Checks
Chris Owen wrote:
> Well, "well managed" to me would mean that allocations from that /20
> were SWIPed or a rwhois server was running so that if any of those 4,000
> IP addresses does something bad you don't get caught in the middle.
Due diligence with SWIP/rwhois only means that one customer is well
documented apart from another. As this thread has highlighted, some
people filter/block based on random variables: the covering /24, the
covering aggregate announcement, and/or arbitrary bit lengths. If a
particular server is within the scope of what someone decides to
filter/block, it gets filtered or blocked. Good SWIPs/rwhois entries
don't mean jack to those admins.
pt
