Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

UUNet goon

1 view
Skip to first unread message

Joe Shaw

unread,
Dec 9, 1998, 3:00:00 AM12/9/98
to

I'm wondering why someone at UUNet decided to start announcing a /24
(209.113.17.0) out of our ARIN assigned /17 (209.113.0.0).

>whois 209.11...@whois.arin.net
[whois.arin.net]
Insync Internet Services (NETBLK-INSYNC3)
5555 San Felipe, Suite 700
Houston, TX 77056
US

Netname: INSYNC3
Netblock: 209.113.0.0 - 209.113.127.255
Maintainer: SYNC

An example from Nitrous (MAE West):

BGP routing table entry for 209.113.17.0/24, version 335267
Paths: (6 available, best #1)
701
165.117.52.234 (metric 14) from 165.117.1.145
Origin IGP, metric 4294967294, localpref 100, valid, internal, best
Community: 2548:186 2548:666 3706:153
Originator : 165.117.1.145, Cluster list: 165.117.1.145
701
206.181.125.154 (metric 52) from 165.117.1.57
Origin IGP, metric 4294967294, localpref 100, valid, internal
Community: 2548:219 2548:666 3706:120
Originator : 165.117.1.57, Cluster list: 165.117.1.57

[SNIP]

And here's our /17 from MAE West (5003 is us):

BGP routing table entry for 209.113.0.0/17, version 102340
Paths: (14 available, best #13, advertised over IBGP)
3561 3831 5003, (aggregated by 5003 10.10.10.12)
192.157.69.48 (metric 47) from 165.117.1.120
Origin IGP, metric 4294967294, localpref 100, valid, internal,
atomic-aggregate
Community: 2548:202 2548:666 3706:143
701 5003 5003, (aggregated by 5003 10.10.10.8)
137.39.140.21 (metric 70) from 165.117.1.76
Origin IGP, metric 4294967294, localpref 100, valid, internal,
atomic-aggregate
Community: 2548:254 2548:666 3706:102
Originator : 165.117.1.76, Cluster list: 165.117.1.76

It appears that one of our previous customers who was assigned that class
C by us decided to buy a T1 from UUNet and UUNet let them use our IP
space. What kind of checks are usually done when peolpe come to the NSP's
with other people's address space? A simple check at ARIN would have
shown that the entire /17 is our IP space. What really chaps my ass is
we're a UUNet multi-meg customer and so far I'm fighting to have to get
them to stop blackholing my IP space. I guess their guaranteed service
clause is going to come in handy this month. I smell a free month of
service coming.

--
Joseph Shaw - js...@insync.net
NetAdmin/Security - Insync Internet Services
Free UNIX advocate - "I hack, therefore I am."

Marc Slemko

unread,
Dec 9, 1998, 3:00:00 AM12/9/98
to
On Wed, 9 Dec 1998, Joe Shaw wrote:

> It appears that one of our previous customers who was assigned that class
> C by us decided to buy a T1 from UUNet and UUNet let them use our IP
> space. What kind of checks are usually done when peolpe come to the NSP's
> with other people's address space? A simple check at ARIN would have

For most of the major backbones? Very little as far as I see. A cheque
in hand, and they are happy to announce anything, including /32s, rfc1918
space, etc. Sometimes, if you complain they will fix it in a week or two.

If you look at the past few years, it is very obvious that some of the
major backbones (no names...) have very little in place to control what
routes they announce or customers announce and very little control in
place to verify such changes before they are made. You have to wonder if
a customer signed up with one of them and started doing abusive and
destructive things with BGP if it would take as long for them to take
action as it does at times when leased line customers spam.

Many or most smaller backbones and providers seem to have much better
controls in place.

0 new messages