[AusNOG] Urgent - Pacnet NOC contact (with BGP clue)
Kris Price
ausnog at punk.co.nz
Sat Dec 11 11:50:44 EST 2010
Pacnet, apparently now the hijacker's transit provider of choice.
This is pretty crap. But it doesn't sound like you can do much if Pacnet
are complicit in this.
a) Get Pacnet to stop importing your customer's prefixes from AINS (of
course Pacnet should not automatically trust you, but should contact the
owner of the prefixes as listed in whois to confirm the situation) but
Pacnet are refusing.
b) Go for juvenile justice. Procure a connection to pacnet through some
means and start announcing all of AINS blocks as /24s -- apparently this
behaviour is OK according to Pacnet and they won't stop you. (But no,
*I'm not serious.*)
c) Get your customer back online using some other prefixes, perhaps from
your new upstream? Are there some mission critical servers that can be
renumbered/NAT'd first or similar?
d) Involve the law -- slow. But until Pacnet come around seems your only
choice.
I'll be interested to hear how this plays out.
On 11/12/2010 12:32 a.m., Skeeve Stevens wrote:
> Further update.
>
> Thanks to the (about) two dozen emails off-list. A lot of useful advice. Much of it suggesting legal remedies - which I believe may happen next week anyway, but considering the network is completely down, waiting 3 days isn't really an option.
>
> Talked to the NOC engineer in Sydney (thanks off-list email for details), and even after 25 mins of talking to him, he seemed paralysed.... everyone seems paralysed at Pacnet, afraid to make a decision and seemingly incapable of understanding the situation. He seemed to be even too scared to call his boss and pass it up the chain "but it is after hours!... I shouldn't ring him" and suggested that I wait till Monday so the legal department can investigate it.
>
> How simple is this? The resources are clearly owned by my customer... who has withdrawn any permission that AINS thinks they had, assumed or implied, and now does NOT have the right to announce the ranges.
>
> I am not even sure how these people can condone doing nothing... He wouldn't even ring his own customer to ask him what the situation was and whether they thought they owned the ranges.
>
> It is my belief that Pacnet, having been informed of the situation, and also have been contacted by APNIC asking them to crease the routing, they are now a part of the situation.
>
> Pacnet largely seem not to care because we are not their customer.
>
> The only thing I can think is that I get as many Pacnet customers to ring up and complain that they are unable to get to 180.189.136.0/22 and 175.45.144.0/20 ranges. Maybe they will listen to their own customers? Just remember guys, if this was happening to you, you would really love some help. We need to act as a community and stick together.
>
> I am going to investigate what APNIC policy proposals I can do which might help this situation - if anyone has ideas... feel free to discuss.
>
>
> ...Skeeve
>
> --
> Skeeve Stevens, CEO
> eintellego Pty Ltd - The Networking Specialists
> skeeve at eintellego.net / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954
> Cell +61 (0)414 753 383 / skype://skeeve
> www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> eintellego - The Experts that the Experts call
> - Juniper - HP Networking - Cisco - Brocade - Arista - Allied Telesis
>
> From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Skeeve Stevens
> Sent: Friday, 10 December 2010 8:00 PM
> To: ausnog at ausnog.net
> Subject: Re: [AusNOG] Urgent - Pacnet NOC contact (with BGP clue)
>
> So, to update.
>
> After finally getting a Pacnet engineer who understood BGP and the issue (and was referring to my initial email to AusNOG), the engineer was instructed by his boss (don't have a name) to tell me to call APNIC.... but couldn't tell me what they expected APNIC to do.
>
> I informed the Pacnet engineer (Ramon) that if they keep allowing AINS to announce the ranges (see below) then they are party to the Denial of Service that is going on and in turn are committing a criminal act as well.
>
> Btw... the ranges I noted: 180.189.136.0/22 and 175.45.144.0/20 are being announced by AINS as /24's for maximum disruption effect.
>
> I've now called APNIC and they're not a 24/7 operation and while I was able to get it escalated to someone to figure out if perhaps APNIC can send an email to Pacnet to ask them to stop the announcements from their customer (AINS)... not that in the slightest way this should be required at all. I am waiting for APNIC to call me back to tell me if they can do anything (doubtful - but Pacnet seem to think they have authority here).
>
> Pacnet, who are extremely hard to talk to and no-one seems to want to take any responsibility, in my opinion, since they've now been informed of the act, and are (at the moment) choosing not to do anything, then they are now a party to the denial of service (using BGP).
>
> Now, I've received advice of take it legal... and we will..... but it is Friday night... and I don't want to have this network down for the next two-three days (especially as I leave the country Sunday).
>
> Now, I guess my next request to this list would be - does anyone know anyone of sufficient authority level at Pacnet who can instruct their engineers to fix this situation?
>
> ...Skeeve
>
> --
> Skeeve Stevens, CEO
> eintellego Pty Ltd - The Networking Specialists
> skeeve at eintellego.net / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954
> Cell +61 (0)414 753 383 / skype://skeeve
> www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> eintellego - The Experts that the Experts call
> - Juniper - HP Networking - Cisco - Brocade - Arista - Allied Telesis
>
> From: Skeeve Stevens
> Sent: Friday, 10 December 2010 6:26 PM
> To: ausnog at ausnog.net
> Subject: Urgent - Pacnet NOC contact (with BGP clue)
>
> Hey all,
>
> The situation I had a month or so ago with a provider announcing ranges of a customer they had cut-off as a form of punishment, has raised its head again.
>
> This time I will name names, as I've just had a conversation with the GM of AINS (www.ains.com.au<http://www.ains.com.au>) Curtis Raams who said that it was their right to do so.
>
> They seem to think that because they have an agreement to service the customer, that when they are suspended they are allowed to announce the customers ranges into the global table, to stop them using them.
>
> The customer is multi-homed and is now essentially suffering the effects of a Denial of Service issue due to these announcements.
>
> My simply resolution, is to get Pacnet to stop announcing their ranges... and essentially it will be 99% resolved... if AINS don't want to talk to them that is up to them.
>
> The ranges affected (Belonging to Alumina Networks)
>
> 180.189.136.0/22
>
> And possibly 175.45.144.0/20
>
> The announcements may be smaller than this (le24)
>
> Either could a Pacnet NOC guy with BGP clue contact me on my cell below, or someone provide a direct NOC contact of Pacnet... I have been on hold to their support line for a while now and not having any luck getting someone who understands what I'm talking about.
>
>
> ...Skeeve
>
> --
> Skeeve Stevens, CEO
> eintellego Pty Ltd - The Networking Specialists
> skeeve at eintellego.net / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954
> Cell +61 (0)414 753 383 / skype://skeeve
> www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> eintellego - The Experts that the Experts call
> - Juniper - HP Networking - Cisco - Brocade - Arista - Allied Telesis
>
> Disclaimer: Limits of Liability and Disclaimer: This message is for the named person's use only. It may contain sensitive and private proprietary or legally privileged information. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. eintellego Pty Ltd and each legal entity in the Tefilah Pty Ltd group of companies reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of any such entity. Any reference to costs, fee quotations, contractual transactions and variations to contract terms is subject to separate confirmation in writing signed by an authorised representative of eintellego. Whilst all efforts are made to safeguard inbound and outbound e-mails, we cannot guarantee that attachments a
re virus-free or compatible with your systems and do not accept any liability in respect of viruses or computer problems experienced.
>
>
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list