[AusNOG] New /21 on Bogan / Delinquent Lists

McDonald Richards macca at vocus.com.au
Fri Sep 18 10:29:15 EST 2009 

If it helps, the places we normally experience the most trouble with trying to get new allocations “debogoned” are the managed service providers taking care of the major banks. I can almost guarantee you wont get to CBA/Netbank from a new allocation without having to track down the right people over there (and inside their provider) to speak to.  Having been through the process now, if you're having problems with that particular site drop me a mail offlist and I'll pass you a contact who can help resolve it for you :)

Macca




From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Matthew Moyle-Croft
Sent: Friday, 18 September 2009 10:22 AM
To: Darren Moss
Cc: ausnog at ausnog.net; Nathan.Brookfield at serversaustralia.com.au
Subject: Re: [AusNOG] New /21 on Bogan / Delinquent Lists

It's a pain to have to put effort into new netblocks (we got some of the original space that had this problem several years ago), but the reality is that I doubt there's a lot APNIC can do.

If a provider/end user/corporate isn't actually actively managing it's routing and filtering then APNIC probably can't get them to care about something that "might affect them".  Easier, from their brain space, to manage via exception.

What I think IS worth coordinating and documenting are the people who seem to have problems with actively managing their filtering and the contacts for fixing the issues.  

A central list for this means that you have a list of people who need "education" and a way of solving the problems quickly.

Make it available via APNIC's myapnic website or something.

MMC

On 18/09/2009, at 8:59 AM, Darren Moss wrote:


Hi Elly,

This is a real pain for us, and we've tried working with APNIC previously, so I am going to vent.

I think this is more than just allocating and "managing" lists for ranges.
The real issue (for us anyway) is many of the ranges allocated by APNIC contain obsolete, incorrect or fake contact information for the block owner.

This leads to us filtering pretty much entire blocks for naughty people on the internet, which I believe leads to the issue occuring right now (yes I know this does not cover spoofing attempts, but it could help).

The amount of attacks on infrastructure was increased significantly, with many localised attacks coming from Asia-Pacific countries, which should be easily blocked either via contact with the provider or by a third party list.

I am surprised that in this day and age we don't have.....

A) APNIC checking block owner details and suspending where information is not correct (ie: automatic email checking or automatic phone dialer with response keys required)

B) APNIC co-ordinating with other parties (ie: RIPE) for their known bad lists, which the Asia-Pacific communities can utilise for routing, filtering, etc.

There's not much point allocating blocks if we can't monitor and manage when things go wrong.

We are just letting everyone do anything they want on our networks.

My 2c worth.

Regards, 


Darren Moss
General Manager, Director
[p] 1300 131 083 [f] 03 9017 2287
[e] Darren.Moss at em3.com.au [w] www.em3.com.au

em3 People and Technology | Managed Technology Experts
postal: PO Box 2333, Moorabbin VIC 3189

New Zealand Airedale Street, Auckland City
postal: PO Box 39573, Howick 2045
[p] 09 92 555 26 [f] 09 887 0273 [m] 021 841 541


-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Elly Tawhai
Sent: 2009-09-18 9:00 am
To: Nathan.Brookfield at serversaustralia.com.au
Cc: ausnog at ausnog.net
Subject: Re: [AusNOG] New /21 on Bogan / Delinquent Lists

Dear Nathan,

While APNIC tries its best to allocate clean blocks, as the free pool of
IPv4 address space reaches exhaustion it is becoming harder to prevent connectivity problems such as what you're currently experiencing from happening.

We understand that this is an important issue for the community; and as such, we do take action to minimize any problems that may result.

We are currently investing extra resources to extend our debogon testing inline with the increase in demand, and in communications and education campaigns to better inform the community of this potential problem.

I will be in touch to see how I can further assist you.

Regards,
Elly

------------------------------------------------------------------------

Elly Tawhai                               email:          elly at apnic.net
Senior Internet Resource Analyst/         sip:       elly at voip.apnic.net
Liaison Officer(Pacific), APNIC           phone:         +61 7 3858 3188
http://www.apnic.net                      fax:           +61 7 3858 3199

------------------------------------------------------------------------


Nathan Brookfield wrote:

Hi All,

I know this is a bit of an unusual request, not something I see on AUSNOG regularly but we have had the very unfortunate luck of being assigned a /21 from APNIC within the last 2 months which we are now slowly starting to assign to customers.

When the first customer was put onto this subnet they advised that traffic from our network to ExeTEL appeared to be null routed into a blackhole so after raising a ticket with ExeTEL I quickly found out that the allocation had been blacklisted some years back for malicious activity, over the last weeks we have been escalating issues to Singtel and a long laundry list of other peers who have the prefix blocked.

Today we are dealing with Telstra who have the prefixed denied on all SMTP servers which has been fun but looks like it’s almost at an end. 

Can I please reach out to all Sys Admins on the group to check your networks and if you are blocking 180.92.192.0/21 if you could please allow traffic from this subnet back into your networks.

APNIC of course are no help, the fact it appears this subnet is less 
than 90% routable does not help as they just won’t re-issue the 
allocation plus we are too far past that stage now ☹

Thanks in advance!

Kindest Regards,
Nathan Brookfield

IT Operations
The One Provider Group Pty Ltd

Direct:		(02) 4307 4206
Fax:		      (02) 4307 4201
Network Ops:	(02) 9037 4343
Web: 		     http://www.serversaustralia.com.au
Office Address:	2/2 Teamster Close, Tuggerah NSW 2259
Postal Address:	PO Box 3187, Tuggerah NSW 2259





_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

-- 
Matthew Moyle-Croft 
Networks, Internode/Agile
Level 5, 162 Grenfell Street, Adelaide, SA 5000 Australia
Email: mmc at internode.com.au    Web: http://www.on.net
Direct: +61-8-8228-2909		     Mobile: +61-419-900-366
Reception: +61-8-8228-2999        Fax: +61-8-8235-6909

More information about the AusNOG mailing list