RE: IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-26 Thread Jon Lewis 
Now this is kind of interesting.  I see route-views can see the route 
now...


BGP routing table entry for 23.151.232.0/24, version 2814701286
Paths: (19 available, best #19, table default)
  Not advertised to any peer
  Refresh Epoch 1
   1257 6453 23470 23470 23470 23470
193.0.0.56 from 193.0.0.56 (193.0.0.56)
  Origin IGP, localpref 100, valid, external
  Community: 1257:50 1257:51 1257:3528 1257:4103
  path 7FE0DBA20378 RPKI State not found
  rx pathid: 0, tx pathid: 0
  Refresh Epoch 1
...

The only IRR route object I see for it is

route:  23.151.232.0/24
origin: AS23470
descr:  Qeru Systems, LLC
mnt-by: MAINT-AS23470
changed:j...@reliablesite.net 20230425  #01:09:36Z
source: RADB
rpki-ov-state:  not_found # No ROAs found, or RPKI validation not enabled for 
source

and there appears to be no ROA.

According to https://lg.as6453.net/doc/cust-routing-policy.html, I would 
not have expected Tata to accept this route from RELIABLESITE (not based 
on the above route object), unless Tata is not using an IRR-based 
auto-generated prefix-list filter for RELIABLESITE, but rather a manually 
edited one.


--
 Jon Lewis, MCP :)   |  I route
 StackPath, Sr. Neteng   |  therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-26 Thread Mark Tinka 

You're welcome to use our looking glasses which over Europe and Africa:

https://as37100.net/

But so far, we are seeing this in AMS:

BGP routing table entry for 23.151.232.0/24, version 2411923092
Paths: (2 available, best #2, table default)
  Not advertised to any peer
  Refresh Epoch 1
  37100 3257 23470 23470 23470 23470
    105.26.64.17 from 105.26.64.17 (105.16.0.131)
  Origin IGP, metric 0, localpref 100, valid, external
  Community: 37100:1 37100:13
  path 211B5070 RPKI State not found
  rx pathid: 0, tx pathid: 0
  Refresh Epoch 1
  37100 3257 23470 23470 23470 23470
    105.26.64.1 from 105.26.64.1 (105.16.0.131)
  Origin IGP, metric 0, localpref 100, valid, external, best
  Community: 37100:1 37100:13
  path 211B6A5C RPKI State not found
  rx pathid: 0, tx pathid: 0x0

And in JNB:

BGP routing table entry for 23.151.232.0/24, version 1526622268
Paths: (2 available, best #2, table default)
  Not advertised to any peer
  Refresh Epoch 1
  37100 3257 23470 23470 23470 23470
    105.22.32.1 from 105.22.32.1 (105.16.0.163)
  Origin IGP, metric 0, localpref 100, valid, external
  Community: 37100:1 37100:13
  path 44E5427C RPKI State not found
  rx pathid: 0, tx pathid: 0
  Refresh Epoch 1
  37100 3257 23470 23470 23470 23470
    105.22.40.1 from 105.22.40.1 (105.16.0.162)
  Origin IGP, metric 0, localpref 100, valid, external, best
  Community: 37100:1 37100:13
  path 44E60E94 RPKI State not found
  rx pathid: 0, tx pathid: 0x0

Mark.

On 4/26/23 13:33, Travis Garrison wrote:


We are able to see your range from Cogent and Hurricane Electric now. 
Just took time


Routes For: 23.151.232.0/24

Timestamp: 2023-04-26 11:27:07 UTC

  - Prefix: 23.151.232.0/24

    - RPKI State: Not Verified

    - AS Path: 6939 → 23470 → 23470 → 23470 → 23470

    - Next Hop: 184.105.58.113

    - Weight: 170

    - Local Preference: 100

    - MED: 0

    - Communities:

- Originator:

- Peer: 216.218.253.50

    - Age: 6 hours (Wed, 26 Apr 2023 05:01:41 UTC)

  - Prefix: 23.151.232.0/24

    - RPKI State: Not Verified

    - AS Path: 6939 → 23470 → 23470 → 23470 → 23470

    - Next Hop: 184.105.92.241

    - Weight: 170

    - Local Preference: 100

    - MED: 0

    - Communities:

- Originator:

- Peer: 100.78.0.6

    - Age: 6 hours (Wed, 26 Apr 2023 05:01:39 UTC)

  - Prefix: 23.151.232.0/24

    - RPKI State: Not Verified

    - AS Path: 174 → 3257 → 23470 → 23470 → 23470 → 23470

    - Next Hop: 38.140.137.161

    - Weight: 170

    - Local Preference: 100

    - MED: 10020

    - Communities:

  - 174:21000

  - 174:22013

    - Originator:

- Peer: 66.28.1.16

    - Age: 3 hours (Wed, 26 Apr 2023 08:57:05 UTC)

Thanks

Travis

*From:* NANOG  *On 
Behalf Of *August Yang via NANOG

*Sent:* Tuesday, April 25, 2023 9:54 PM
*To:* Ryan Hamel ; Neel Chauhan ; 
nanog@nanog.org

*Subject:* Re: IPv4 Subnet 23.151.232.0/24 blackholed?

The range has only been announced for 2 hours. Just wait longer for 
filters to refresh as Ryan advised.


On 2023-04-25 10:49 p.m., Ryan Hamel wrote:

Neel,

Carriers rebuild their prefixes lists once or twice in a 24 hour
period. Considering that you just got the block today and is in
ReliableSite's AS-SET, you just got to be patient.

Having announcements propagated immediately either sounds like it
happened a day after you gave them the LOA, or they have
unfiltered transit circuits, which is worrisome.

Ryan

-- Original Message --
From "Neel Chauhan"  <mailto:n...@neelc.org>
To nanog@nanog.org
Date 4/25/2023 7:35:40 PM
    Subject IPv4 Subnet 23.151.232.0/24 blackholed?


Hi,

I recently got the IPv4 allocation 23.151.232.0/24 from ARIN.
I also had my hosting company ReliableSite announce it to the
internet.

Right now, I can only access networks that peer with
ReliableSite via internet exchanges, such as Google,
CloudFlare, OVH, Hurricane Electric, et al.

It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT, et al.)
are blackholing the IPv4 subnet 23.151.232.0/24. Could someone
who works at a Tier 1 NOC please check and remove the
blackhole if any exists?

Normally when ReliableSite announced my prior (then-leased)
IPv4 space it gets propagated via BGP almost immediately. This
time it's not going through at all.

Best,

Neel Chauhan

--
Best regards
August Yang

RE: IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-26 Thread Travis Garrison 
We are able to see your range from Cogent and Hurricane Electric now. Just took 
time

Routes For: 23.151.232.0/24
Timestamp: 2023-04-26 11:27:07 UTC
  - Prefix: 23.151.232.0/24
- RPKI State: Not Verified
- AS Path: 6939 → 23470 → 23470 → 23470 → 23470
- Next Hop: 184.105.58.113
- Weight: 170
- Local Preference: 100
- MED: 0
- Communities:
- Originator:
- Peer: 216.218.253.50
- Age: 6 hours (Wed, 26 Apr 2023 05:01:41 UTC)

  - Prefix: 23.151.232.0/24
- RPKI State: Not Verified
- AS Path: 6939 → 23470 → 23470 → 23470 → 23470
- Next Hop: 184.105.92.241
- Weight: 170
- Local Preference: 100
- MED: 0
- Communities:
- Originator:
- Peer: 100.78.0.6
- Age: 6 hours (Wed, 26 Apr 2023 05:01:39 UTC)

  - Prefix: 23.151.232.0/24
- RPKI State: Not Verified
- AS Path: 174 → 3257 → 23470 → 23470 → 23470 → 23470
- Next Hop: 38.140.137.161
- Weight: 170
- Local Preference: 100
- MED: 10020
- Communities:
  - 174:21000
  - 174:22013
- Originator:
- Peer: 66.28.1.16
- Age: 3 hours (Wed, 26 Apr 2023 08:57:05 UTC)

Thanks
Travis

From: NANOG  On Behalf Of 
August Yang via NANOG
Sent: Tuesday, April 25, 2023 9:54 PM
To: Ryan Hamel ; Neel Chauhan ; 
nanog@nanog.org
Subject: Re: IPv4 Subnet 23.151.232.0/24 blackholed?


The range has only been announced for 2 hours. Just wait longer for filters to 
refresh as Ryan advised.
On 2023-04-25 10:49 p.m., Ryan Hamel wrote:
Neel,

Carriers rebuild their prefixes lists once or twice in a 24 hour period. 
Considering that you just got the block today and is in ReliableSite's AS-SET, 
you just got to be patient.

Having announcements propagated immediately either sounds like it happened a 
day after you gave them the LOA, or they have unfiltered transit circuits, 
which is worrisome.

Ryan

-- Original Message --
From "Neel Chauhan" <mailto:n...@neelc.org>
To nanog@nanog.org<mailto:nanog@nanog.org>
Date 4/25/2023 7:35:40 PM
Subject IPv4 Subnet 23.151.232.0/24 blackholed?


Hi,

I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my 
hosting company ReliableSite announce it to the internet.

Right now, I can only access networks that peer with ReliableSite via internet 
exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al.

It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT, et al.) are blackholing the 
IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please 
check and remove the blackhole if any exists?

Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets 
propagated via BGP almost immediately. This time it's not going through at all.

Best,

Neel Chauhan
--
Best regards
August Yang

Re: IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-25 Thread August Yang via NANOG 
The range has only been announced for 2 hours. Just wait longer for 
filters to refresh as Ryan advised.


On 2023-04-25 10:49 p.m., Ryan Hamel wrote:

Neel,

Carriers rebuild their prefixes lists once or twice in a 24 hour 
period. Considering that you just got the block today and is in 
ReliableSite's AS-SET, you just got to be patient.


Having announcements propagated immediately either sounds like it 
happened a day after you gave them the LOA, or they have unfiltered 
transit circuits, which is worrisome.


Ryan

-- Original Message --
From "Neel Chauhan" 
To nanog@nanog.org
Date 4/25/2023 7:35:40 PM
Subject IPv4 Subnet 23.151.232.0/24 blackholed?


Hi,

I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also 
had my hosting company ReliableSite announce it to the internet.


Right now, I can only access networks that peer with ReliableSite via 
internet exchanges, such as Google, CloudFlare, OVH, Hurricane 
Electric, et al.


It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT, et al.) are 
blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works 
at a Tier 1 NOC please check and remove the blackhole if any exists?


Normally when ReliableSite announced my prior (then-leased) IPv4 
space it gets propagated via BGP almost immediately. This time it's 
not going through at all.


Best,

Neel Chauhan

--
Best regards
August Yang

smime.p7s
Description: S/MIME Cryptographic Signature

Re: IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-25 Thread Jon Lewis 
You need to talk to ReliableSite and have them talk to their transits 
about accepting 23.151.232.0/24.


I see that you did create a route object...

route:  23.151.232.0/24
origin: AS23470
descr:  Qeru Systems, LLC
mnt-by: MAINT-AS23470
changed:j...@reliablesite.net 20230425  #01:09:36Z
source: RADB

but I'd dump RADB and create this object in the authoratative IRR, in this 
case ARIN's rr.arin.net.  At least some "Tier 1's" no longer honor route 
objects from non-authoratative IRRs when building prefix-list filters for 
their customers BGP sessions.


I'm not receiving your route, and route-views doesn't see it either.

On Tue, 25 Apr 2023, Neel Chauhan wrote:


Hi,

I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my 
hosting company ReliableSite announce it to the internet.


Right now, I can only access networks that peer with ReliableSite via 
internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et 
al.


It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT, et al.) are blackholing 
the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC 
please check and remove the blackhole if any exists?


Normally when ReliableSite announced my prior (then-leased) IPv4 space it 
gets propagated via BGP almost immediately. This time it's not going through 
at all.


Best,

Neel Chauhan




--
 Jon Lewis, MCP :)   |  I route
 StackPath, Sr. Neteng   |  therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-25 Thread Ryan Hamel 

Neel,

Carriers rebuild their prefixes lists once or twice in a 24 hour period. 
Considering that you just got the block today and is in ReliableSite's 
AS-SET, you just got to be patient.


Having announcements propagated immediately either sounds like it 
happened a day after you gave them the LOA, or they have unfiltered 
transit circuits, which is worrisome.


Ryan

-- Original Message --

From "Neel Chauhan" 

To nanog@nanog.org
Date 4/25/2023 7:35:40 PM
Subject IPv4 Subnet 23.151.232.0/24 blackholed?


Hi,

I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my 
hosting company ReliableSite announce it to the internet.

Right now, I can only access networks that peer with ReliableSite via internet 
exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al.

It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT, et al.) are blackholing the 
IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check 
and remove the blackhole if any exists?

Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets 
propagated via BGP almost immediately. This time it's not going through at all.

Best,

Neel Chauhan

IPv4 Subnet 23.151.232.0/24 blackholed?

2023-04-25 Thread Neel Chauhan 

Hi,

I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had 
my hosting company ReliableSite announce it to the internet.


Right now, I can only access networks that peer with ReliableSite via 
internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, 
et al.


It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT, et al.) are 
blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at 
a Tier 1 NOC please check and remove the blackhole if any exists?


Normally when ReliableSite announced my prior (then-leased) IPv4 space 
it gets propagated via BGP almost immediately. This time it's not going 
through at all.


Best,

Neel Chauhan