courtneysm...@comcast.net wrote the following on 1/16/2014 12:26 PM:
On 16/01/2014 14:32, Blake Hudson wrote:
Thanks for the responses, these objects are all older. However, none of
them are stale or from previous owners, allocations, etc. Each of these
objects was posted to their respective IRRs after the IP space was
allocated to us. This leads me to believe that the individual IRRs really
do very little checking for accuracy and their usefulness is then
questionable.
Oh yeah. I got hit by that sort of thing a week or two back. It wasn't
origin: AS14179 / mnt-by: MAINT-AS28071, by any chance? AS14179 have been
hijacking chunks of space from the various registries.
Nick
------------------------------
Another possible scenario.
a.b.c.d/24->small_isp->regional_isp->Level3
Imagine a regional ISP is a customer of Level3. Level3 filters the regional ISP
based on Regional ISP's IRR objects. Small ISP buys access from Regional. Small
ISP doesn't maintain their own objects. Regional ISP wants Small's business so
doesn't force the issue. Regional manually maintains the filters. Regional adds
objects under Regional's maintainer whenever Small requests a filter change. If
they don't, Level3 won't accept the announcement from them. Customer with
a.b.c.d/24 has no idea about any of this.
Now we are years later. Customer has either moved to another small ISP or Small
ISP found a different regional ISP.
a.b.c.d/24->small_isp->new_regional_isp->Level3
or
a.b.c.d/24->new_small_isp->new_regional_isp->Level3
The original Regional ISP didn't remember to delete all the objects related to
Small ISP's customers. The objects just sit there until one day customer has
interest in registering their own object. Customer sees entries for their /24
under Regional ISP's objects. Customer knows they have never done business with
Regional. Also the objects are newer than the customer's allocation from their
RIR. Customer comes to the conclusion that Regional ISP must have been
hijacking their space or doing some other naughtiness.
Proxy registering objects isn't a good idea. However, the number of networks
with allocations from ARIN registering objects in any IRR appears to be
extremely low. ARIN doesn’t charge you more to use rr.arin.net. Folks seem to
not be aware of IRR or perceive it provides no benefit to them. Will RPKI
adoption suffer the same fate?
I can understand the scenarios you've described. In fact, the timing
does seem to indicate that someone was thinking they were doing
something helpful (the route objects were introduced around the time we
started announcing the allocation). The part that doesn't make sense is
that one of the route objects has valid information and the other three
were entered for AS #'s that are not peers of ours and should not have
ever been transit paths to L3. We do peer with folks that peer with L3,
however the route objects in L3's databases are for different ASs.
I'm glad that ARIN provides an IRR, and hope to use it. With an
authority that actually has the information necessary to perform
authorization checks, I'm not sure why there's a need for independent
IRRs to exist. Perhaps they filled a gap at some point in the past?
--Blake
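
Added example, not part of the original thread: a check a prefix holder could run over route objects pulled from IRR mirrors, flagging entries for their space whose origin or maintainer is not theirs (the leftover proxy registrations discussed above). The prefixes, AS numbers, maintainer names and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: documentation prefixes and ASNs, made-up maintainer names.
SAMPLE_IRR_DUMP = """\
route:   192.0.2.0/24
origin:  AS64496
mnt-by:  MAINT-CUSTOMER
source:  ARIN

route:   192.0.2.0/24
origin:  AS64511
mnt-by:  MAINT-OLD-REGIONAL
source:  RADB

route:   192.0.2.128/25
origin:  AS64500
mnt-by:  MAINT-OLD-REGIONAL
source:  LEVEL3
"""

def parse_route_objects(text):
    """Parse blank-line-separated RPSL objects; keep only route/route6 objects."""
    objects = []
    for block in re.split(r"\n\s*\n", text.strip()):
        obj = {}
        for line in block.splitlines():
            # Skip comments and continuation lines (not needed for these attributes).
            if line[:1] in ("", "%", "#", " ", "\t", "+") or ":" not in line:
                continue
            key, _, value = line.partition(":")
            obj.setdefault(key.strip().lower(), []).append(value.strip())
        if "route" in obj or "route6" in obj:
            objects.append(obj)
    return objects

def audit(objects, my_prefix, my_origins, my_maintainers):
    """Flag objects overlapping my_prefix whose origin or maintainer is not ours."""
    mine, findings = ipaddress.ip_network(my_prefix), []
    for obj in objects:
        net = ipaddress.ip_network((obj.get("route") or obj["route6"])[0], strict=False)
        if net.version != mine.version or not (net.subnet_of(mine) or mine.subnet_of(net)):
            continue  # different address family, or no overlap with our space
        origin = obj.get("origin", ["?"])[0].upper()
        maints = {m.strip().upper() for v in obj.get("mnt-by", []) for m in v.split(",")}
        reasons = [r for r, bad in (("unexpected origin", origin not in my_origins),
                                    ("foreign maintainer", not maints & my_maintainers)) if bad]
        if reasons:
            findings.append((str(net), origin, obj.get("source", ["?"])[0], reasons))
    return findings
```

Calling `audit(parse_route_objects(SAMPLE_IRR_DUMP), "192.0.2.0/24", {"AS64496"}, {"MAINT-CUSTOMER"})` reports the two objects held under the other maintainer, including the more-specific /25, and names the IRR each one lives in so the holder knows which registry to contact.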