[AusNOG] New /21 on Bogan / Delinquent Lists

Nathan Ridge ridgey at matilda.net.au
Wed Sep 16 13:33:36 EST 2009 

Hi Shaun,

I agree.

We have just been assigned our first /20 from Apnic and within the first 
week of utilizing the new ip space
we are getting phone calls from customers that cannot get into banking 
sites, universities and more which I all
feel have been blackholed, one in question I know this is the case 
because of something that happened years ago.

Very painful.



Shaun Dwyer wrote:
> What happened to the APNIC de-bogon project?
>
> I'd argue that APNIC's should be pro-active in de-bogon'ing */prior/* 
> to allocating the IP space. The range should be at least 90% routable 
> prior to being allocated.
>
> It shouldn't be left to the poor network operators who get assigned 
> new IPs to contact NOCs and get it de-listed.
>
> Additionally, it wouldn't take much to do this testing. A single linux 
> server with some scripts and quagga is all it'd take.
>
> In the case mentioned below about telstra's SMTP servers blocking the 
> allocated range... that should be done with prefix lists at BGP 
> peering points, not at firewall/application level.
>
> RSS feed for bogon list anyone?
>
>
> Cheers!
> -Shaun
>
>
>
> On 16/09/2009, at 10:02 AM, Nathan Brookfield wrote:
>
>> Mark,
>>
>> I agree, it is certainly no fault of APNIC but they were initially 
>> less than helpful when I advised them that we were having severe 
>> routing issues a week after the allocation was issued.
>>
>> I have had a great response from users on the group and I appreciate 
>> everyone who has contacted me directly, you've all been a great help.
>>
>> -----Original Message-----
>> From: Mark Smith [mailto:mark.smith at team.adam.com.au]
>> Sent: Wednesday, 16 September 2009 9:44 AM
>> To: Nathan Brookfield (SAU)
>> Cc: ausnog at ausnog.net <mailto:ausnog at ausnog.net>
>> Subject: Re: [AusNOG] New /21 on Bogan / Delinquent Lists
>>
>> Nathan Brookfield wrote:
>>> Hi All,
>>>
>>> I know this is a bit of an unusual request, not something I see on 
>>> AUSNOG regularly but we have had the very unfortunate luck of being 
>>> assigned a /21 from APNIC within the last 2 months which we are now 
>>> slowly starting to assign to customers.
>>>
>>
>> A bit of "spam" to operator lists isn't unreasonable for this sort of
>> problem.
>>
>>> When the first customer was put onto this subnet they advised that 
>>> traffic from our network to ExeTEL appeared to be null routed into a 
>>> blackhole so after raising a ticket with ExeTEL I quickly found out 
>>> that the allocation had been blacklisted some years back for 
>>> malicious activity, over the last weeks we have been escalating 
>>> issues to Singtel and a long laundry list of other peers who have 
>>> the prefix blocked.
>>>
>>> Today we are dealing with Telstra who have the prefixed denied on 
>>> all SMTP servers which has been fun but looks like it’s almost at an 
>>> end.
>>>
>>> Can I please reach out to all Sys Admins on the group to check your 
>>> networks and if you are blocking 180.92.192.0/21 if you could please 
>>> allow traffic from this subnet back into your networks.
>>>
>>> APNIC of course are no help, the fact it appears this subnet is less 
>>> than 90% routable does not help as they just won’t re-issue the 
>>> allocation plus we are too far past that stage now ☹
>>>
>>
>> We've that trouble a few times over the last couple of years, but I
>> don't think APNIC are at any fault at all for it. They send out
>> notifications about new address ranges they're going to allocate around
>> 12 months in advance to a number of operator forums (I think this one
>> included). I think it's lazy sys/netadmins who are at fault - if they're
>> going to put these sorts of blackholing measures in place, they need to
>> fulfill the ongoing obligation they've created to keep the up to date.
>> If they're not going to do that, then they shouldn't cause trouble for
>> the rest of us by doing it in the first place.
>>
>> Regards,
>> Mark.
>>
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>   


-- 

*Nathan Ridge*
*Systems Administrator*

*Matilda Internet*
________________

(Telephone +61 7 4953 0711
(Fax +61 7 4953 0717
29 Gregory Street, Mackay, QLD 4740, Australia
* Email ridgey at matilda.net.au
<mailto:ridgey at matilda.net.au>Website _www.matilda.net.au
_ <http://www.matilda.net.au/>



This email and any files transmitted with it are confidential and are 
intended solely for the use of the individual or entity to whom it is 
addressed.  If you are not the recipient be advised that you have 
received this email in error and that any use, dissemination, 
forwarding, printing copying or use of the contents contained in this 
e-mail and any file attachments is strictly prohibited.  If you have 
received this email in error please immediately notify the sender by 
telephone or by reply email to the sender.  You must destroy the 
original transmission and its contents.  It is recommended that you 
virus test the information and any attachments.  Matilda Internet does 
not accept liability for any loss or damage howsoever occurred as a 
result of this email transmission or any attachments to it.

More information about the AusNOG mailing list