Cidr police please pull over and show us your bgp announcements

202
-1

Published on

Is the growth of the global Internet route table all about growth? Or is there a certain amount of laziness, cluelessness, and insensitivity factored into the growth? Over the past two years we've used e-mail and the top 20 CIDR list to contact ISPs and multihomed enterprises. This volunteer effort draws attention to the impact their announcements are having on the global Internet table. We endeavor to make a difference by pointing out the problem, highlighting available resources, and offering free technical BGP assistance. In addition, over the past year we have encountered many RFC1918 and RFC1930 (private ASN) announcements leaking into the global routing tables. This presentation will show the results of our actions. We will also point out how much of the encountered problem is clue, lameness, or "just don't care."

See more at: https://www.nanog.org/meetings/nanog27/agenda#sthash.omWt608q.dpuf

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
202
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cidr police please pull over and show us your bgp announcements

  1. 1. 1CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements CIDR Police: Please Pull Over andCIDR Police: Please Pull Over and Show Us Your BGPShow Us Your BGP AnnouncementsAnnouncements Hank Nussbacher hank@riverhead.com Barry Greene bgreene@cisco.com V2.0 NANOG 27NANOG 27 Phoenix, AZ, Feb 11, 2003Phoenix, AZ, Feb 11, 2003
  2. 2. 2CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements PremisePremise l We have the weekly CIDR reports that use peer pressure to keep try to keep people from abusing their announcements. l Is that enough? l Are there issues with clue, workload, skills, and other knowledge factors that effect the size of the table? l Are people lazy, over worked, or just do not care? l Q. Can true peer pressure dent the growth?
  3. 3. 3CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements TechniqueTechnique l Review the Weekly Top 20 list, analysis the change, then E-mail the contacts. l E-mails point out the observation based on the top 20 list, offers assistance, and sometimes recommends remediation. l Whitepapers, presentations, and other materials are created based on the interaction with the Top 20. l E-mails sent out on a time available.
  4. 4. 4CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements CIDR results for 2001CIDR results for 2001 l Feb 1, 2001: 95,787 l Dec 31, 2001: 104,932 l Barry+Hank cleanup efforts: 3,884 l CIDR table ends up 30% smaller than it would have been if we hadn’t sent out emails l Total sent: 72 emails
  5. 5. 5CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements The Bad Boys of 2001The Bad Boys of 2001 l AS701 – UUnet l AS4151 – USDA l AS2686 – AT&T EMEA l AS13999 – Megacable, Mexico l AS4755 – VSNL, India l AS9498 – Bharti, India l AS724 – DLA, (.mil) l AS577 – Bell Canada l AS376 – RISQ, Canada l AS12302 – Mobifon, Romania
  6. 6. 6CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements The Good Boys of 2001The Good Boys of 2001 l AS1221 – Telstra (501 withdrawn) l AS4293 – C&W (361 withdrawn) l AS15412 – Flag Telecom (661 withdrawn) l AS2551 – ICG (619 withdrawn)
  7. 7. 7CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements CIDR results for 2002CIDR results for 2002 l Jan 1, 2002: 104,852 l Dec 31, 2002: 117,450 l Barry+Hank cleanup efforts: 4,318 l CIDR table ends up 25% smaller than it would have been if we hadn’t sent out emails l Total sent: 14 emails
  8. 8. 8CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements The Bad Boys of 2002The Bad Boys of 2002 l AS17557 – Pakistan Telecom l AS852 – Telus l AS18566 - Covad
  9. 9. 9CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements The Good Boys of 2002The Good Boys of 2002 l AS8984 – Internet5 AB, Sweden (1069 withdrawn) l AS209 – Qwest (1276 withdrawn) l AS2548 – Allegiance Internet (1282 withdrawn)
  10. 10. 10CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements 20032003 l 23 emails already sent – starting Dec 22 l Only 7 replied l Only one has reduced their announcements: AS1580 – HQ 5th Signal Command l Reduced announcements by 302 prefixes!
  11. 11. 11CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements CIDR growthCIDR growth 95000 100000 105000 110000 115000 120000 125000 130000 2001 2002 2003 CIDR CIDR without Barry and Hank 7%
  12. 12. 12CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements Total BGP Table GrowthTotal BGP Table Growth Could growth slowdown be attributed to our emails?
  13. 13. 13CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements LeakingsLeakings of 2002of 2002 l “Friends” ISPs l Janice/Chandler or Phoebe l 12 IP prefixes l Some RFC1918 l Some unregistered l 22 ASNs l Mostly RFC1930 l 5 interesting cases
  14. 14. 14CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements Leaky cases #1 & #2Leaky cases #1 & #2 l AS5050 leaking AS64511 l “remove-private-as” not working since AS64511 is not a private ASN l Private ASNs start at AS64512! l AS1221 leaking AS65000 l Cisco IOS bugs CSCdy59660 & CSCdj19299 l “remove-private-as” not working if as-path is more than 1 and created by as-path prepend
  15. 15. 15CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements Leaky cases #3 & #4Leaky cases #3 & #4 l AS701 leaking AS5757 l Not registered in ARIN l Lost allocation in 1995 l Proof sitting on 8mm tape l ARIN’s stuck L l AS1880 leaking AS1877 l Peter Lothberg’s ASN l Paperwork lost in 1994 in RIPE l RIPE willing to re-register it
  16. 16. 16CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements Leaky case #5Leaky case #5 l IP range: 192.83.0.0 – 192.83.100.255 l Allocated to Sonera (Finland) in 1992 l Sonera claims all of it l ARIN has records for only parts of this block l Sonera claims paperwork lost by Internic l Announced by AS5515 l ARIN involved
  17. 17. 17CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements US Military UnilateralismUS Military Unilateralism –– AS568AS568 l Announcing prefixes not listed anywhere: l 132.0.0.0/10 l 137.0.0.0/13 l 158.0.0.0/13 l 192.153.136.0/21 l 192.172.0.0/19 l No record in ARIN or whois.nic.mil for the first block out of the aggregate (i.e. 132.0.0.0/16) l No answer from anyone at AS 568.
  18. 18. 18CIDR Police: Pull Over and Show Us Your BGP AnnouncementsCIDR Police: Pull Over and Show Us Your BGP Announcements What now?What now? l We will continue to send emails to CIDR leakers and non-aggregators l We ask that everyone do their share by checking their BGP setups l Will continue to develop materials to help communicate operational clue. l Open for more volunteers to invest their time. Contact Hank or Barry.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×