[AusNOG] Urgent - Pacnet NOC contact (with BGP clue)

Marcus Emanuel @ HostCorp marcus at hostcorp.com.au
Sun Dec 12 09:51:47 EST 2010


Regarding the Juvenile Justice method....

You don't need a connection through pacnet...
Just announce the AINS's entire list of BGP routes to your IP transit
provider. Apparently if there is no law or perceived wrongdoing restricting
a carrier or ISP from announcing random routes at their leisure, so you can
too... only you can potentially affect all their customers. I am sure that
would get some attention.

With that gray option at your left hand, its best to uphold the courtesy
amongst ISP's and not jump on the 'he hit me first' bandwagon. But Keep it
close by. It would be interesting to do that and jump on your OS flight on
Sunday. - again, don't do that ;-)  

But really, Surely your customer isn't contesting tens of thousands of
dollars with AINS, cant they agree to disagree and leave that disagreement
between the customer and AINS. I don't believe the Internet Routing Table
should be used as a coercion tool. And would love to see the specific
paragraph in the AINS contract which suggested this illegal activity as a
just action. Remember that word.. 'Coercion' - raise it with your AFP
Contact.   If Chopper knew how to do this back in the day, I am sure that's
how he would have ensured his 'protection' continued for his 'clients'- But
there was no internet then...

Anyway, 
I don't want my customers annoying me because  they cant get to your
customers routes, and neither does any other engineer in the world. We are
potentially having thousands of hours wasted around the world by the actions
of this ISP in troubleshooting resources.

I know we are only hearing one side of this, and it would be interesting to
hear from AINS with their perspective, but I suspect if they are
intentionally doing as you say, they will hide behind the curtain.

Good Luck Skeeve.

Marcus.

-----Original Message-----
From: ausnog-bounces at lists.ausnog.net
[mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Kris Price
Sent: Saturday, 11 December 2010 11:51 AM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Urgent - Pacnet NOC contact (with BGP clue)

Pacnet, apparently now the hijacker's transit provider of choice.

This is pretty crap. But it doesn't sound like you can do much if Pacnet are
complicit in this.

a) Get Pacnet to stop importing your customer's prefixes from AINS (of
course Pacnet should not automatically trust you, but should contact the
owner of the prefixes as listed in whois to confirm the situation) but
Pacnet are refusing.

b) Go for juvenile justice. Procure a connection to pacnet through some
means and start announcing all of AINS blocks as /24s -- apparently this
behaviour is OK according to Pacnet and they won't stop you. (But no, *I'm
not serious.*)

c) Get your customer back online using some other prefixes, perhaps from
your new upstream? Are there some mission critical servers that can be
renumbered/NAT'd first or similar?

d) Involve the law -- slow. But until Pacnet come around seems your only
choice.

I'll be interested to hear how this plays out.



On 11/12/2010 12:32 a.m., Skeeve Stevens wrote:
> Further update.
>
> Thanks to the (about) two dozen emails off-list. A lot of useful advice.
Much of it suggesting legal remedies - which I believe may happen next week
anyway, but considering the network is completely down, waiting 3 days isn't
really an option.
>
> Talked to the NOC engineer in Sydney (thanks off-list email for details),
and even after 25 mins of talking to him, he seemed paralysed.... everyone
seems paralysed at Pacnet, afraid to make a decision and seemingly incapable
of understanding the situation.  He seemed to be even too scared to call his
boss and pass it up the chain "but it is after hours!... I shouldn't ring
him" and suggested that I wait till Monday so the legal department can
investigate it.
>
> How simple is this?  The resources are clearly owned by my customer... who
has withdrawn any permission that AINS thinks they had, assumed or implied,
and now does NOT have the right to announce the ranges.
>
> I am not even sure how these people can condone doing nothing... He
wouldn't even ring his own customer to ask him what the situation was and
whether they thought they owned the ranges.
>
> It is my belief that Pacnet, having been informed of the situation, and
also have been contacted by APNIC asking them to crease the routing, they
are now a part of the situation.
>
> Pacnet largely seem not to care because we are not their customer.
>
> The only thing I can think is that I get as many Pacnet customers to ring
up and complain that they are unable to get to 180.189.136.0/22 and
175.45.144.0/20 ranges.  Maybe they will listen to their own customers?
Just remember guys, if this was happening to you, you would really love some
help.  We need to act as a community and stick together.
>
> I am going to investigate what APNIC policy proposals I can do which might
help this situation - if anyone has ideas... feel free to discuss.
>
>
> ...Skeeve
>
> --
> Skeeve Stevens, CEO
> eintellego Pty Ltd - The Networking Specialists skeeve at eintellego.net 
> / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / 
> skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> eintellego - The Experts that the Experts call
> - Juniper - HP Networking - Cisco - Brocade - Arista - Allied Telesis
>
> From: ausnog-bounces at lists.ausnog.net 
> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Skeeve Stevens
> Sent: Friday, 10 December 2010 8:00 PM
> To: ausnog at ausnog.net
> Subject: Re: [AusNOG] Urgent - Pacnet NOC contact (with BGP clue)
>
> So, to update.
>
> After finally getting a Pacnet engineer who understood BGP and the issue
(and was referring to my initial email to AusNOG), the engineer was
instructed by his boss (don't have a name) to tell me to call APNIC.... but
couldn't tell me what they expected APNIC to do.
>
> I informed the Pacnet engineer (Ramon) that if they keep allowing AINS to
announce the ranges (see below) then they are party to the Denial of Service
that is going on and in turn are committing a criminal act as well.
>
> Btw... the ranges I noted: 180.189.136.0/22 and 175.45.144.0/20 are being
announced by AINS as /24's for maximum disruption effect.
>
> I've now called APNIC and they're not a 24/7 operation and while I was
able to get it escalated to someone to figure out if perhaps APNIC can send
an email to Pacnet to ask them to stop the announcements from their customer
(AINS)... not that in the slightest way this should be required at all.  I
am waiting for APNIC to call me back to tell me if they can do anything
(doubtful - but Pacnet seem to think they have authority here).
>
> Pacnet, who are extremely hard to talk to and no-one seems to want to take
any responsibility, in my opinion, since they've now been informed of the
act, and are (at the moment) choosing not to do anything, then they are now
a party to the denial of service (using BGP).
>
> Now, I've received advice of take it legal... and we will..... but it is
Friday night... and I don't want to have this network down for the next
two-three days (especially as I leave the country Sunday).
>
> Now, I guess my next request to this list would be - does anyone know
anyone of sufficient authority level at Pacnet who can instruct their
engineers to fix this situation?
>
> ...Skeeve
>
> --
> Skeeve Stevens, CEO
> eintellego Pty Ltd - The Networking Specialists skeeve at eintellego.net 
> / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / 
> skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> eintellego - The Experts that the Experts call
> - Juniper - HP Networking - Cisco - Brocade - Arista - Allied Telesis
>
> From: Skeeve Stevens
> Sent: Friday, 10 December 2010 6:26 PM
> To: ausnog at ausnog.net
> Subject: Urgent - Pacnet NOC contact (with BGP clue)
>
> Hey all,
>
> The situation I had a month or so ago with a provider announcing ranges of
a customer they had cut-off as a form of punishment, has raised its head
again.
>
> This time I will name names, as I've just had a conversation with the GM
of AINS (www.ains.com.au<http://www.ains.com.au>) Curtis Raams who said that
it was their right to do so.
>
> They seem to think that because they have an agreement to service the
customer, that when they are suspended they are allowed to announce the
customers ranges into the global table, to stop them using them.
>
> The customer is multi-homed and is now essentially suffering the effects
of a Denial of Service issue due to these announcements.
>
> My simply resolution, is to get Pacnet to stop announcing their ranges...
and essentially it will be 99% resolved... if AINS don't want to talk to
them that is up to them.
>
> The ranges affected (Belonging to Alumina Networks)
>
> 180.189.136.0/22
>
> And possibly 175.45.144.0/20
>
> The announcements may be smaller than this (le24)
>
> Either could a Pacnet NOC guy with BGP clue contact me on my cell below,
or someone provide a direct NOC contact of Pacnet... I have been on hold to
their support line for a while now and not having any luck getting someone
who understands what I'm talking about.
>
>
> ...Skeeve
>
> --
> Skeeve Stevens, CEO
> eintellego Pty Ltd - The Networking Specialists skeeve at eintellego.net 
> / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / 
> skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> eintellego - The Experts that the Experts call
> - Juniper - HP Networking - Cisco - Brocade - Arista - Allied Telesis
>
> Disclaimer: Limits of Liability and Disclaimer: This message is for 
> the named person's use only. It may contain sensitive and private 
> proprietary or legally privileged information. You must not, directly 
> or indirectly, use, disclose, distribute, print, or copy any part of 
> this message if you are not the intended recipient. eintellego Pty Ltd 
> and each legal entity in the Tefilah Pty Ltd group of companies 
> reserve the right to monitor all e-mail communications through its 
> networks.  Any views expressed in this message are those of the 
> individual sender, except where the message states otherwise and the 
> sender is authorised to state them to be the views of any such entity. 
> Any reference to costs, fee quotations, contractual transactions and 
> variations to contract terms is subject to separate confirmation in 
> writing signed by an authorised representative of eintellego. Whilst 
> all efforts are made to safeguard inbound and outbound e-mails, we 
> cannot guarantee that attachments a
re virus-free or compatible with your systems and do not accept any
liability in respect of viruses or computer problems experienced.
>
>
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog




More information about the AusNOG mailing list