RE: IPv4 Subnet 23.151.232.0/24 blackholed?
Now this is kind of interesting. I see route-views can see the route now... BGP routing table entry for 23.151.232.0/24, version 2814701286 Paths: (19 available, best #19, table default) Not advertised to any peer Refresh Epoch 1 1257 6453 23470 23470 23470 23470 193.0.0.56 from 193.0.0.56 (193.0.0.56) Origin IGP, localpref 100, valid, external Community: 1257:50 1257:51 1257:3528 1257:4103 path 7FE0DBA20378 RPKI State not found rx pathid: 0, tx pathid: 0 Refresh Epoch 1 ... The only IRR route object I see for it is route: 23.151.232.0/24 origin: AS23470 descr: Qeru Systems, LLC mnt-by: MAINT-AS23470 changed:j...@reliablesite.net 20230425 #01:09:36Z source: RADB rpki-ov-state: not_found # No ROAs found, or RPKI validation not enabled for source and there appears to be no ROA. According to https://lg.as6453.net/doc/cust-routing-policy.html, I would not have expected Tata to accept this route from RELIABLESITE (not based on the above route object), unless Tata is not using an IRR-based auto-generated prefix-list filter for RELIABLESITE, but rather a manually edited one. -- Jon Lewis, MCP :) | I route StackPath, Sr. Neteng | therefore you are _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: IPv4 Subnet 23.151.232.0/24 blackholed?
You're welcome to use our looking glasses which over Europe and Africa: https://as37100.net/ But so far, we are seeing this in AMS: BGP routing table entry for 23.151.232.0/24, version 2411923092 Paths: (2 available, best #2, table default) Not advertised to any peer Refresh Epoch 1 37100 3257 23470 23470 23470 23470 105.26.64.17 from 105.26.64.17 (105.16.0.131) Origin IGP, metric 0, localpref 100, valid, external Community: 37100:1 37100:13 path 211B5070 RPKI State not found rx pathid: 0, tx pathid: 0 Refresh Epoch 1 37100 3257 23470 23470 23470 23470 105.26.64.1 from 105.26.64.1 (105.16.0.131) Origin IGP, metric 0, localpref 100, valid, external, best Community: 37100:1 37100:13 path 211B6A5C RPKI State not found rx pathid: 0, tx pathid: 0x0 And in JNB: BGP routing table entry for 23.151.232.0/24, version 1526622268 Paths: (2 available, best #2, table default) Not advertised to any peer Refresh Epoch 1 37100 3257 23470 23470 23470 23470 105.22.32.1 from 105.22.32.1 (105.16.0.163) Origin IGP, metric 0, localpref 100, valid, external Community: 37100:1 37100:13 path 44E5427C RPKI State not found rx pathid: 0, tx pathid: 0 Refresh Epoch 1 37100 3257 23470 23470 23470 23470 105.22.40.1 from 105.22.40.1 (105.16.0.162) Origin IGP, metric 0, localpref 100, valid, external, best Community: 37100:1 37100:13 path 44E60E94 RPKI State not found rx pathid: 0, tx pathid: 0x0 Mark. On 4/26/23 13:33, Travis Garrison wrote: We are able to see your range from Cogent and Hurricane Electric now. Just took time Routes For: 23.151.232.0/24 Timestamp: 2023-04-26 11:27:07 UTC - Prefix: 23.151.232.0/24 - RPKI State: Not Verified - AS Path: 6939 → 23470 → 23470 → 23470 → 23470 - Next Hop: 184.105.58.113 - Weight: 170 - Local Preference: 100 - MED: 0 - Communities: - Originator: - Peer: 216.218.253.50 - Age: 6 hours (Wed, 26 Apr 2023 05:01:41 UTC) - Prefix: 23.151.232.0/24 - RPKI State: Not Verified - AS Path: 6939 → 23470 → 23470 → 23470 → 23470 - Next Hop: 184.105.92.241 - Weight: 170 - Local Preference: 100 - MED: 0 - Communities: - Originator: - Peer: 100.78.0.6 - Age: 6 hours (Wed, 26 Apr 2023 05:01:39 UTC) - Prefix: 23.151.232.0/24 - RPKI State: Not Verified - AS Path: 174 → 3257 → 23470 → 23470 → 23470 → 23470 - Next Hop: 38.140.137.161 - Weight: 170 - Local Preference: 100 - MED: 10020 - Communities: - 174:21000 - 174:22013 - Originator: - Peer: 66.28.1.16 - Age: 3 hours (Wed, 26 Apr 2023 08:57:05 UTC) Thanks Travis *From:* NANOG *On Behalf Of *August Yang via NANOG *Sent:* Tuesday, April 25, 2023 9:54 PM *To:* Ryan Hamel ; Neel Chauhan ; nanog@nanog.org *Subject:* Re: IPv4 Subnet 23.151.232.0/24 blackholed? The range has only been announced for 2 hours. Just wait longer for filters to refresh as Ryan advised. On 2023-04-25 10:49 p.m., Ryan Hamel wrote: Neel, Carriers rebuild their prefixes lists once or twice in a 24 hour period. Considering that you just got the block today and is in ReliableSite's AS-SET, you just got to be patient. Having announcements propagated immediately either sounds like it happened a day after you gave them the LOA, or they have unfiltered transit circuits, which is worrisome. Ryan -- Original Message -- From "Neel Chauhan" <mailto:n...@neelc.org> To nanog@nanog.org Date 4/25/2023 7:35:40 PM Subject IPv4 Subnet 23.151.232.0/24 blackholed? Hi, I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my hosting company ReliableSite announce it to the internet. Right now, I can only access networks that peer with ReliableSite via internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al. It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT&T, et al.) are blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check and remove the blackhole if any exists? Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets propagated via BGP almost immediately. This time it's not going through at all. Best, Neel Chauhan -- Best regards August Yang
RE: IPv4 Subnet 23.151.232.0/24 blackholed?
We are able to see your range from Cogent and Hurricane Electric now. Just took time Routes For: 23.151.232.0/24 Timestamp: 2023-04-26 11:27:07 UTC - Prefix: 23.151.232.0/24 - RPKI State: Not Verified - AS Path: 6939 → 23470 → 23470 → 23470 → 23470 - Next Hop: 184.105.58.113 - Weight: 170 - Local Preference: 100 - MED: 0 - Communities: - Originator: - Peer: 216.218.253.50 - Age: 6 hours (Wed, 26 Apr 2023 05:01:41 UTC) - Prefix: 23.151.232.0/24 - RPKI State: Not Verified - AS Path: 6939 → 23470 → 23470 → 23470 → 23470 - Next Hop: 184.105.92.241 - Weight: 170 - Local Preference: 100 - MED: 0 - Communities: - Originator: - Peer: 100.78.0.6 - Age: 6 hours (Wed, 26 Apr 2023 05:01:39 UTC) - Prefix: 23.151.232.0/24 - RPKI State: Not Verified - AS Path: 174 → 3257 → 23470 → 23470 → 23470 → 23470 - Next Hop: 38.140.137.161 - Weight: 170 - Local Preference: 100 - MED: 10020 - Communities: - 174:21000 - 174:22013 - Originator: - Peer: 66.28.1.16 - Age: 3 hours (Wed, 26 Apr 2023 08:57:05 UTC) Thanks Travis From: NANOG On Behalf Of August Yang via NANOG Sent: Tuesday, April 25, 2023 9:54 PM To: Ryan Hamel ; Neel Chauhan ; nanog@nanog.org Subject: Re: IPv4 Subnet 23.151.232.0/24 blackholed? The range has only been announced for 2 hours. Just wait longer for filters to refresh as Ryan advised. On 2023-04-25 10:49 p.m., Ryan Hamel wrote: Neel, Carriers rebuild their prefixes lists once or twice in a 24 hour period. Considering that you just got the block today and is in ReliableSite's AS-SET, you just got to be patient. Having announcements propagated immediately either sounds like it happened a day after you gave them the LOA, or they have unfiltered transit circuits, which is worrisome. Ryan -- Original Message -- From "Neel Chauhan" <mailto:n...@neelc.org> To nanog@nanog.org<mailto:nanog@nanog.org> Date 4/25/2023 7:35:40 PM Subject IPv4 Subnet 23.151.232.0/24 blackholed? Hi, I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my hosting company ReliableSite announce it to the internet. Right now, I can only access networks that peer with ReliableSite via internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al. It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT&T, et al.) are blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check and remove the blackhole if any exists? Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets propagated via BGP almost immediately. This time it's not going through at all. Best, Neel Chauhan -- Best regards August Yang
Re: IPv4 Subnet 23.151.232.0/24 blackholed?
The range has only been announced for 2 hours. Just wait longer for filters to refresh as Ryan advised. On 2023-04-25 10:49 p.m., Ryan Hamel wrote: Neel, Carriers rebuild their prefixes lists once or twice in a 24 hour period. Considering that you just got the block today and is in ReliableSite's AS-SET, you just got to be patient. Having announcements propagated immediately either sounds like it happened a day after you gave them the LOA, or they have unfiltered transit circuits, which is worrisome. Ryan -- Original Message -- From "Neel Chauhan" To nanog@nanog.org Date 4/25/2023 7:35:40 PM Subject IPv4 Subnet 23.151.232.0/24 blackholed? Hi, I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my hosting company ReliableSite announce it to the internet. Right now, I can only access networks that peer with ReliableSite via internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al. It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT&T, et al.) are blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check and remove the blackhole if any exists? Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets propagated via BGP almost immediately. This time it's not going through at all. Best, Neel Chauhan -- Best regards August Yang smime.p7s Description: S/MIME Cryptographic Signature
Re: IPv4 Subnet 23.151.232.0/24 blackholed?
You need to talk to ReliableSite and have them talk to their transits about accepting 23.151.232.0/24. I see that you did create a route object... route: 23.151.232.0/24 origin: AS23470 descr: Qeru Systems, LLC mnt-by: MAINT-AS23470 changed:j...@reliablesite.net 20230425 #01:09:36Z source: RADB but I'd dump RADB and create this object in the authoratative IRR, in this case ARIN's rr.arin.net. At least some "Tier 1's" no longer honor route objects from non-authoratative IRRs when building prefix-list filters for their customers BGP sessions. I'm not receiving your route, and route-views doesn't see it either. On Tue, 25 Apr 2023, Neel Chauhan wrote: Hi, I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my hosting company ReliableSite announce it to the internet. Right now, I can only access networks that peer with ReliableSite via internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al. It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT&T, et al.) are blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check and remove the blackhole if any exists? Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets propagated via BGP almost immediately. This time it's not going through at all. Best, Neel Chauhan -- Jon Lewis, MCP :) | I route StackPath, Sr. Neteng | therefore you are _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: IPv4 Subnet 23.151.232.0/24 blackholed?
Neel, Carriers rebuild their prefixes lists once or twice in a 24 hour period. Considering that you just got the block today and is in ReliableSite's AS-SET, you just got to be patient. Having announcements propagated immediately either sounds like it happened a day after you gave them the LOA, or they have unfiltered transit circuits, which is worrisome. Ryan -- Original Message -- From "Neel Chauhan" To nanog@nanog.org Date 4/25/2023 7:35:40 PM Subject IPv4 Subnet 23.151.232.0/24 blackholed? Hi, I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my hosting company ReliableSite announce it to the internet. Right now, I can only access networks that peer with ReliableSite via internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al. It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT&T, et al.) are blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check and remove the blackhole if any exists? Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets propagated via BGP almost immediately. This time it's not going through at all. Best, Neel Chauhan
IPv4 Subnet 23.151.232.0/24 blackholed?
Hi, I recently got the IPv4 allocation 23.151.232.0/24 from ARIN. I also had my hosting company ReliableSite announce it to the internet. Right now, I can only access networks that peer with ReliableSite via internet exchanges, such as Google, CloudFlare, OVH, Hurricane Electric, et al. It seems the Tier 1 ISPs (e.g. Lumen, Cogent, AT&T, et al.) are blackholing the IPv4 subnet 23.151.232.0/24. Could someone who works at a Tier 1 NOC please check and remove the blackhole if any exists? Normally when ReliableSite announced my prior (then-leased) IPv4 space it gets propagated via BGP almost immediately. This time it's not going through at all. Best, Neel Chauhan