[AusNOG] New /21 on Bogan / Delinquent Lists

Darren Moss Darren.Moss at em3.com.au
Fri Sep 18 09:29:37 EST 2009


Hi Elly,

This is a real pain for us, and we've tried working with APNIC previously, so I am going to vent.

I think this is more than just allocating and "managing" lists for ranges.
The real issue (for us anyway) is many of the ranges allocated by APNIC contain obsolete, incorrect or fake contact information for the block owner.

This leads to us filtering pretty much entire blocks for naughty people on the internet, which I believe leads to the issue occuring right now (yes I know this does not cover spoofing attempts, but it could help).

The amount of attacks on infrastructure was increased significantly, with many localised attacks coming from Asia-Pacific countries, which should be easily blocked either via contact with the provider or by a third party list.

I am surprised that in this day and age we don't have.....

A) APNIC checking block owner details and suspending where information is not correct (ie: automatic email checking or automatic phone dialer with response keys required)

B) APNIC co-ordinating with other parties (ie: RIPE) for their known bad lists, which the Asia-Pacific communities can utilise for routing, filtering, etc.

There's not much point allocating blocks if we can't monitor and manage when things go wrong.

We are just letting everyone do anything they want on our networks.

My 2c worth.

Regards, 
 
 
Darren Moss
General Manager, Director
[p] 1300 131 083 [f] 03 9017 2287
[e] Darren.Moss at em3.com.au [w] www.em3.com.au

em3 People and Technology | Managed Technology Experts
postal: PO Box 2333, Moorabbin VIC 3189

New Zealand Airedale Street, Auckland City
postal: PO Box 39573, Howick 2045
[p] 09 92 555 26 [f] 09 887 0273 [m] 021 841 541


-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Elly Tawhai
Sent: 2009-09-18 9:00 am
To: Nathan.Brookfield at serversaustralia.com.au
Cc: ausnog at ausnog.net
Subject: Re: [AusNOG] New /21 on Bogan / Delinquent Lists

Dear Nathan,

While APNIC tries its best to allocate clean blocks, as the free pool of
IPv4 address space reaches exhaustion it is becoming harder to prevent connectivity problems such as what you're currently experiencing from happening.

We understand that this is an important issue for the community; and as such, we do take action to minimize any problems that may result.

We are currently investing extra resources to extend our debogon testing inline with the increase in demand, and in communications and education campaigns to better inform the community of this potential problem.

I will be in touch to see how I can further assist you.

Regards,
Elly

------------------------------------------------------------------------

Elly Tawhai                               email:          elly at apnic.net
Senior Internet Resource Analyst/         sip:       elly at voip.apnic.net
Liaison Officer(Pacific), APNIC           phone:         +61 7 3858 3188
http://www.apnic.net                      fax:           +61 7 3858 3199

------------------------------------------------------------------------


Nathan Brookfield wrote:
> Hi All,
> 
> I know this is a bit of an unusual request, not something I see on AUSNOG regularly but we have had the very unfortunate luck of being assigned a /21 from APNIC within the last 2 months which we are now slowly starting to assign to customers.
> 
> When the first customer was put onto this subnet they advised that traffic from our network to ExeTEL appeared to be null routed into a blackhole so after raising a ticket with ExeTEL I quickly found out that the allocation had been blacklisted some years back for malicious activity, over the last weeks we have been escalating issues to Singtel and a long laundry list of other peers who have the prefix blocked.
> 
> Today we are dealing with Telstra who have the prefixed denied on all SMTP servers which has been fun but looks like it’s almost at an end. 
> 
> Can I please reach out to all Sys Admins on the group to check your networks and if you are blocking 180.92.192.0/21 if you could please allow traffic from this subnet back into your networks.
> 
> APNIC of course are no help, the fact it appears this subnet is less 
> than 90% routable does not help as they just won’t re-issue the 
> allocation plus we are too far past that stage now ☹
> 
> Thanks in advance!
> 
> Kindest Regards,
> Nathan Brookfield
> 
> IT Operations
> The One Provider Group Pty Ltd
> 
> Direct:		(02) 4307 4206
> Fax:		      (02) 4307 4201
> Network Ops:	(02) 9037 4343
> Web: 		      http://www.serversaustralia.com.au
> Office Address:	2/2 Teamster Close, Tuggerah NSW 2259
> Postal Address:	PO Box 3187, Tuggerah NSW 2259
> 
> 
> 
> 
> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


More information about the AusNOG mailing list