Re: Utilizing USG networks for internal purposes (Re: route: 0.0.0.0/32 in LEVEL3 IRR)

2024-02-14 Thread John Curran 
Dave - 

You’d need to ask someone who speaks for the USG to address that question – and 
that’s 
definitely not my job. 

However, I will observe in the time since then, the DoD has taken to 
occasionally publicly
routing some of its address blocks, so the probability of inadvertent routing 
impact has 
almost certainly increased.

Thanks,
/John

John Curran
President and CEO
American Registry for Internet Numbers


> On Feb 14, 2024, at 1:25 AM, Dave Taht  wrote:
> 
> Excellent summary of the USG position as of 2019. It is, um, nearly 5
> years later, has any of these stuff evolved?
> 
> On Tue, Feb 13, 2024 at 9:58 PM John Curran  wrote:
>> 
>> On Jan 31, 2024, at 12:48 AM, Rubens Kuhl  wrote:
>> 
>> DoD's /8s are usually squatted by networks that run out of private IPv4 
>> space.
>> Even though it is very risky to steal resources from an organization
>> that can deploy a black helicopter or a nuclear warhead over you, for
>> some reason like it not appearing in the DFZ people seem to like it.
>> 
>> 
>> Folks -
>> 
>> A network that wants to be creative and utilize an address block that’s 
>> assigned to others
>> for their own internal purposes runs two distinct risks:
>> 
>> 1. An address block that’s not utilized today may easily become publicly 
>> routed tomorrow
>>(either by the original address holder or by their assignee/successor) 
>> and it is not possible
>>to reliably predict whether your customers will need access to the 
>> resources that end up
>>on that address space.
>> 
>> 2. If you should leak routes publicly for another's address space, there are 
>> organizations that
>>will object – and in the case US government networks, this can include 
>> some uncomfortable
>>conversations.  [1]
>> 
>> None of this suggests that one cannot configure their routers any way that 
>> they wish – just that
>> it’d be best if done with appropriate care and an upfront understanding of 
>> the risks involved.
>> 
>> Thanks!
>> /John
>> 
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers
>> 
>> [1] 
>> https://pc.nanog.org/static/published/meetings/NANOG77/2108/20191028_Elverson_Your_As_Is_v1.pdf
>> pg 4.
>> 
> 
> 
> -- 
> 40 years of net history, a couple songs:
> https://www.youtube.com/watch?v=D9RGX6QFm5E
> Dave Täht CSO, LibreQos

Re: Utilizing USG networks for internal purposes (Re: route: 0.0.0.0/32 in LEVEL3 IRR)

2024-02-13 Thread Dave Taht 
Excellent summary of the USG position as of 2019. It is, um, nearly 5
years later, has any of these stuff evolved?

On Tue, Feb 13, 2024 at 9:58 PM John Curran  wrote:
>
> On Jan 31, 2024, at 12:48 AM, Rubens Kuhl  wrote:
>
> DoD's /8s are usually squatted by networks that run out of private IPv4 space.
> Even though it is very risky to steal resources from an organization
> that can deploy a black helicopter or a nuclear warhead over you, for
> some reason like it not appearing in the DFZ people seem to like it.
>
>
> Folks -
>
> A network that wants to be creative and utilize an address block that’s 
> assigned to others
> for their own internal purposes runs two distinct risks:
>
> 1. An address block that’s not utilized today may easily become publicly 
> routed tomorrow
> (either by the original address holder or by their assignee/successor) 
> and it is not possible
> to reliably predict whether your customers will need access to the 
> resources that end up
> on that address space.
>
> 2. If you should leak routes publicly for another's address space, there are 
> organizations that
> will object – and in the case US government networks, this can include 
> some uncomfortable
> conversations.  [1]
>
> None of this suggests that one cannot configure their routers any way that 
> they wish – just that
> it’d be best if done with appropriate care and an upfront understanding of 
> the risks involved.
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
> [1] 
> https://pc.nanog.org/static/published/meetings/NANOG77/2108/20191028_Elverson_Your_As_Is_v1.pdf
>  pg 4.
>


-- 
40 years of net history, a couple songs:
https://www.youtube.com/watch?v=D9RGX6QFm5E
Dave Täht CSO, LibreQos

Utilizing USG networks for internal purposes (Re: route: 0.0.0.0/32 in LEVEL3 IRR)

2024-02-13 Thread John Curran 
On Jan 31, 2024, at 12:48 AM, Rubens Kuhl  wrote:

DoD's /8s are usually squatted by networks that run out of private IPv4 space.
Even though it is very risky to steal resources from an organization
that can deploy a black helicopter or a nuclear warhead over you, for
some reason like it not appearing in the DFZ people seem to like it.

Folks -

A network that wants to be creative and utilize an address block that’s 
assigned to others
for their own internal purposes runs two distinct risks:

1. An address block that’s not utilized today may easily become publicly routed 
tomorrow
(either by the original address holder or by their assignee/successor) and 
it is not possible
to reliably predict whether your customers will need access to the 
resources that end up
on that address space.

2. If you should leak routes publicly for another's address space, there are 
organizations that
will object – and in the case US government networks, this can include some 
uncomfortable
conversations.  [1]

None of this suggests that one cannot configure their routers any way that they 
wish – just that
it’d be best if done with appropriate care and an upfront understanding of the 
risks involved.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

[1] 
https://pc.nanog.org/static/published/meetings/NANOG77/2108/20191028_Elverson_Your_As_Is_v1.pdf
 pg 4.

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-02-08 Thread Jérôme Nicolle 

Rubens,

Le 31/01/2024 à 06:48, Rubens Kuhl a écrit :

DoD's /8s are usually squatted by networks that run out of private IPv4 space.


Indeed, most I've seen just came to the conclusion that if there's no 
more blocks available in 10/8, just use the next best thing : 11/8.


Best regards,

--
Jérôme Nicolle
+33 6 19 31 27 14

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-02-01 Thread Tom Beecher 
Yes, absolutely. That's part of the technical risk that you take if you
decide to do such things.

If it's a "good" choice or not is entirely situational. Some organizations
are fine with kicking that tech debt down the road, others like to double
down and create a house of cards.

On Thu, Feb 1, 2024 at 2:21 AM Frank Habicht  wrote:

> On 01/02/2024 01:45, Tom Beecher wrote:
> > Seems a bit dramatic. Companies all over the world have been using other
> > people's public IPs internally for decades. I worked at a place 20 odd
> > years ago that had an odd numbering scheme internally, and it was
> > someone else's public space. When I asked why, the guy who built it said
> > "Well I just liked the pattern."
> >
> > If you're not announcing someone else's space into the DFZ, or
> > otherwise trying to do anything shady, the three letter agencies aren't
> > likely to come knocking. Doesn't mean anyone SHOULD be doing it, but
> still.
>
> Well...
>
> If you're using 20.20.20.0/24 which is not "yours" (as I've seen
> happen), then certainly your customers can't get to the real 20.20.20.x
> And even if that's not announced and used /today/ - this can change
> quickly...
>
> Frank
>

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-02-01 Thread Andrian Visnevschi via NANOG 
It's unfortunate, but quite common. I've seen similar occurrences in
several companies I worked for previously. For instance, one of my former
employers utilized public IP addresses belonging to others for IPMI server
access, even though it was solely for management purposes and not
communicated to any peers internally. Consequently, none of the customers
could access these public IPs. The reason for this? When the company
initially acquired these IPs, they were part of a leased range. Upon
termination of the agreement, instead of changing all the IPs, they opted
to continue using them due to the perceived hassle. Similarly, another
service provider used IPs from its leased range for DNS servers. When the
agreement ended and IPs were reallocated, they persisted with the old IPs
because updating DNS server settings on customer CPEs lacked automation and
thought it was too much trouble.

Unfortunately, such examples are not uncommon, and certainly don't
represent best practices



*Andrian Visnevschi*




On Thu, Feb 1, 2024 at 10:58 AM Owen DeLong via NANOG 
wrote:

>
>
> > On Jan 31, 2024, at 23:19, Frank Habicht  wrote:
> >
> > On 01/02/2024 01:45, Tom Beecher wrote:
> >> Seems a bit dramatic. Companies all over the world have been using
> other people's public IPs internally for decades. I worked at a place 20
> odd years ago that had an odd numbering scheme internally, and it was
> someone else's public space. When I asked why, the guy who built it said
> "Well I just liked the pattern."
> >> If you're not announcing someone else's space into the DFZ, or
> otherwise trying to do anything shady, the three letter agencies aren't
> likely to come knocking. Doesn't mean anyone SHOULD be doing it, but still.
> >
> > Well...
> >
> > If you're using 20.20.20.0/24 which is not "yours" (as I've seen
> happen), then certainly your customers can't get to the real 20.20.20.x
> > And even if that's not announced and used /today/ - this can change
> quickly...
> >
> > Frank
>
> You are repeating exactly the argument I made at the time.
>
> Owen
>
>

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-02-01 Thread Mark Andrews 
If you are using IPv4 address that belong to someone else internally you really 
are in a prime position to use IPv6 only internally and use one of the IPv4AAS 
mechanisms to reach the IPv4 internet.  After a quarter of a century all your 
equipment should be IPv6 capable. 

-- 
Mark Andrews

> On 1 Feb 2024, at 19:57, Owen DeLong via NANOG  wrote:
> 
> 
> 
>> On Jan 31, 2024, at 23:19, Frank Habicht  wrote:
>> 
>>> On 01/02/2024 01:45, Tom Beecher wrote:
>>> Seems a bit dramatic. Companies all over the world have been using other 
>>> people's public IPs internally for decades. I worked at a place 20 odd 
>>> years ago that had an odd numbering scheme internally, and it was someone 
>>> else's public space. When I asked why, the guy who built it said "Well I 
>>> just liked the pattern."
>>> If you're not announcing someone else's space into the DFZ, or otherwise 
>>> trying to do anything shady, the three letter agencies aren't likely to 
>>> come knocking. Doesn't mean anyone SHOULD be doing it, but still.
>> 
>> Well...
>> 
>> If you're using 20.20.20.0/24 which is not "yours" (as I've seen happen), 
>> then certainly your customers can't get to the real 20.20.20.x
>> And even if that's not announced and used /today/ - this can change 
>> quickly...
>> 
>> Frank
> 
> You are repeating exactly the argument I made at the time.
> 
> Owen
>

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-02-01 Thread Owen DeLong via NANOG 



> On Jan 31, 2024, at 23:19, Frank Habicht  wrote:
> 
> On 01/02/2024 01:45, Tom Beecher wrote:
>> Seems a bit dramatic. Companies all over the world have been using other 
>> people's public IPs internally for decades. I worked at a place 20 odd years 
>> ago that had an odd numbering scheme internally, and it was someone else's 
>> public space. When I asked why, the guy who built it said "Well I just liked 
>> the pattern."
>> If you're not announcing someone else's space into the DFZ, or otherwise 
>> trying to do anything shady, the three letter agencies aren't likely to come 
>> knocking. Doesn't mean anyone SHOULD be doing it, but still.
> 
> Well...
> 
> If you're using 20.20.20.0/24 which is not "yours" (as I've seen happen), 
> then certainly your customers can't get to the real 20.20.20.x
> And even if that's not announced and used /today/ - this can change quickly...
> 
> Frank

You are repeating exactly the argument I made at the time.

Owen

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-31 Thread Frank Habicht 

On 01/02/2024 01:45, Tom Beecher wrote:
Seems a bit dramatic. Companies all over the world have been using other 
people's public IPs internally for decades. I worked at a place 20 odd 
years ago that had an odd numbering scheme internally, and it was 
someone else's public space. When I asked why, the guy who built it said 
"Well I just liked the pattern."


If you're not announcing someone else's space into the DFZ, or 
otherwise trying to do anything shady, the three letter agencies aren't 
likely to come knocking. Doesn't mean anyone SHOULD be doing it, but still.


Well...

If you're using 20.20.20.0/24 which is not "yours" (as I've seen 
happen), then certainly your customers can't get to the real 20.20.20.x
And even if that's not announced and used /today/ - this can change 
quickly...


Frank

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-31 Thread Owen DeLong via NANOG 
For many years, a large customer (telco/VOIP/ISP carrier that should have known 
better) of a former employer was using 11.0.0.0/8 as an extension of 10.0.0.0/8 
and literally forced said employer to carry their routes to those prefixes in 
those tables (or lose an extremely lucrative contract). At the time, 11/8 was 
IANA resrved, and my point that it was likely to be allocated to an RIR and 
subsequently some real entitie(s) on the internet was utterly lost in the 
pursuit of the almighty dollar. I left that job for greener pastures before 
IANA allocated that prefix, but I’m sure there were some definite interesting 
results there when it happened.

Owen


> On Jan 31, 2024, at 14:45, Tom Beecher  wrote:
> 
>> Even though it is very risky to steal resources from an organization
>> that can deploy a black helicopter or a nuclear warhead over you
> 
> Seems a bit dramatic. Companies all over the world have been using other 
> people's public IPs internally for decades. I worked at a place 20 odd years 
> ago that had an odd numbering scheme internally, and it was someone else's 
> public space. When I asked why, the guy who built it said "Well I just liked 
> the pattern." 
> 
> If you're not announcing someone else's space into the DFZ, or otherwise 
> trying to do anything shady, the three letter agencies aren't likely to come 
> knocking. Doesn't mean anyone SHOULD be doing it, but still.  
> 
> On Wed, Jan 31, 2024 at 12:49 AM Rubens Kuhl  > wrote:
>> DoD's /8s are usually squatted by networks that run out of private IPv4 
>> space.
>> Even though it is very risky to steal resources from an organization
>> that can deploy a black helicopter or a nuclear warhead over you, for
>> some reason like it not appearing in the DFZ people seem to like it.
>> 
>> 
>> Rubens
>> 
>> On Tue, Jan 30, 2024 at 11:40 PM Dave Taht > > wrote:
>> >
>> > That's pretty cool, actually. I keep wondering when someone will offer
>> > up a 0.0.0.0/8. ..
>> >
>> > https://www.ietf.org/archive/id/draft-schoen-intarea-unicast-0-00.html
>> >
>> > There must be more people out there than just amazon and google that
>> > ran out of 10/8.
>> >
>> > On Tue, Jan 30, 2024 at 11:29 AM Frank Habicht > > > wrote:
>> > >
>> > > Hi,
>> > >
>> > > I got 2 bounces for the email addresses seen below for an email similar
>> > > to the below...
>> > >
>> > > Anyone want to remove this IRR entry before anyone notices...???   ;-)
>> > >
>> > > Frank
>> > >
>> > >
>> > > I believe that the entry of
>> > > route:  0.0.0.0/32 
>> > >
>> > > does not serve any good purpose?
>> > >
>> > > I was surprised to see it in a list of prefixes from bgpq4 and the very
>> > > good https://irrexplorer.nlnog.net/prefix/0.0.0.0 guided me that it's in
>> > > "Level3".
>> > >
>> > > I'm wondering how many auto-generated filters contain this unnecessary
>> > > prefix
>> > >
>> > > PS: Oh, just seen - it's from TODAY. Maybe remove before anyone sees 
>> > > it...?
>> > >
>> > > Thanks for looking into this,
>> > > Frank
>> > >
>> > >
>> > > [frank@fisi ~]$ whois -h rr.level3.com  
>> > > 0.0.0.0/32 
>> > > [Querying rr.level3.com ]
>> > > [rr.level3.com ]
>> > > route:  0.0.0.0/32 
>> > > origin: AS10753
>> > > mnt-by: TCCGlobalNV-MNT
>> > > changed:ankita.gre...@lumen.com 
>> > > source: LEVEL3
>> > > last-modified:  2024-01-30T11:04:49Z
>> > >
>> > >
>> > > [frank@fisi ~]$ whois -h rr.level3.com  
>> > > TCCGlobalNV-MNT
>> > > [Querying rr.level3.com ]
>> > > [rr.level3.com ]
>> > > mntner: TCCGlobalNV-MNT
>> > > descr:  TCC Global N.V.
>> > > auth:   CRYPT-PW DummyValue  # Filtered for security
>> > > upd-to: ripehostmas...@eu.centurylink.net 
>> > > 
>> > > tech-c: LTHM
>> > > admin-c:LTHM
>> > > mnt-by: TCCGlobalNV-MNT
>> > > changed:ankita.gre...@lumen.com 
>> > > source: LEVEL3
>> > > last-modified:  2024-01-30T11:01:52Z
>> > >
>> >
>> >
>> > --
>> > 40 years of net history, a couple songs:
>> > https://www.youtube.com/watch?v=D9RGX6QFm5E
>> > Dave Täht CSO, LibreQos

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-31 Thread Tom Beecher 
>
> Even though it is very risky to steal resources from an organization
> that can deploy a black helicopter or a nuclear warhead over you
>

Seems a bit dramatic. Companies all over the world have been using other
people's public IPs internally for decades. I worked at a place 20 odd
years ago that had an odd numbering scheme internally, and it was someone
else's public space. When I asked why, the guy who built it said "Well I
just liked the pattern."

If you're not announcing someone else's space into the DFZ, or
otherwise trying to do anything shady, the three letter agencies aren't
likely to come knocking. Doesn't mean anyone SHOULD be doing it, but
still.

On Wed, Jan 31, 2024 at 12:49 AM Rubens Kuhl  wrote:

> DoD's /8s are usually squatted by networks that run out of private IPv4
> space.
> Even though it is very risky to steal resources from an organization
> that can deploy a black helicopter or a nuclear warhead over you, for
> some reason like it not appearing in the DFZ people seem to like it.
>
>
> Rubens
>
> On Tue, Jan 30, 2024 at 11:40 PM Dave Taht  wrote:
> >
> > That's pretty cool, actually. I keep wondering when someone will offer
> > up a 0.0.0.0/8...
> >
> > https://www.ietf.org/archive/id/draft-schoen-intarea-unicast-0-00.html
> >
> > There must be more people out there than just amazon and google that
> > ran out of 10/8.
> >
> > On Tue, Jan 30, 2024 at 11:29 AM Frank Habicht 
> wrote:
> > >
> > > Hi,
> > >
> > > I got 2 bounces for the email addresses seen below for an email similar
> > > to the below...
> > >
> > > Anyone want to remove this IRR entry before anyone notices...???   ;-)
> > >
> > > Frank
> > >
> > >
> > > I believe that the entry of
> > > route:  0.0.0.0/32
> > >
> > > does not serve any good purpose?
> > >
> > > I was surprised to see it in a list of prefixes from bgpq4 and the very
> > > good https://irrexplorer.nlnog.net/prefix/0.0.0.0 guided me that it's
> in
> > > "Level3".
> > >
> > > I'm wondering how many auto-generated filters contain this unnecessary
> > > prefix
> > >
> > > PS: Oh, just seen - it's from TODAY. Maybe remove before anyone sees
> it...?
> > >
> > > Thanks for looking into this,
> > > Frank
> > >
> > >
> > > [frank@fisi ~]$ whois -h rr.level3.com 0.0.0.0/32
> > > [Querying rr.level3.com]
> > > [rr.level3.com]
> > > route:  0.0.0.0/32
> > > origin: AS10753
> > > mnt-by: TCCGlobalNV-MNT
> > > changed:ankita.gre...@lumen.com
> > > source: LEVEL3
> > > last-modified:  2024-01-30T11:04:49Z
> > >
> > >
> > > [frank@fisi ~]$ whois -h rr.level3.com TCCGlobalNV-MNT
> > > [Querying rr.level3.com]
> > > [rr.level3.com]
> > > mntner: TCCGlobalNV-MNT
> > > descr:  TCC Global N.V.
> > > auth:   CRYPT-PW DummyValue  # Filtered for security
> > > upd-to: ripehostmas...@eu.centurylink.net
> > > tech-c: LTHM
> > > admin-c:LTHM
> > > mnt-by: TCCGlobalNV-MNT
> > > changed:ankita.gre...@lumen.com
> > > source: LEVEL3
> > > last-modified:  2024-01-30T11:01:52Z
> > >
> >
> >
> > --
> > 40 years of net history, a couple songs:
> > https://www.youtube.com/watch?v=D9RGX6QFm5E
> > Dave Täht CSO, LibreQos
>

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-30 Thread Rubens Kuhl 
DoD's /8s are usually squatted by networks that run out of private IPv4 space.
Even though it is very risky to steal resources from an organization
that can deploy a black helicopter or a nuclear warhead over you, for
some reason like it not appearing in the DFZ people seem to like it.


Rubens

On Tue, Jan 30, 2024 at 11:40 PM Dave Taht  wrote:
>
> That's pretty cool, actually. I keep wondering when someone will offer
> up a 0.0.0.0/8...
>
> https://www.ietf.org/archive/id/draft-schoen-intarea-unicast-0-00.html
>
> There must be more people out there than just amazon and google that
> ran out of 10/8.
>
> On Tue, Jan 30, 2024 at 11:29 AM Frank Habicht  wrote:
> >
> > Hi,
> >
> > I got 2 bounces for the email addresses seen below for an email similar
> > to the below...
> >
> > Anyone want to remove this IRR entry before anyone notices...???   ;-)
> >
> > Frank
> >
> >
> > I believe that the entry of
> > route:  0.0.0.0/32
> >
> > does not serve any good purpose?
> >
> > I was surprised to see it in a list of prefixes from bgpq4 and the very
> > good https://irrexplorer.nlnog.net/prefix/0.0.0.0 guided me that it's in
> > "Level3".
> >
> > I'm wondering how many auto-generated filters contain this unnecessary
> > prefix
> >
> > PS: Oh, just seen - it's from TODAY. Maybe remove before anyone sees it...?
> >
> > Thanks for looking into this,
> > Frank
> >
> >
> > [frank@fisi ~]$ whois -h rr.level3.com 0.0.0.0/32
> > [Querying rr.level3.com]
> > [rr.level3.com]
> > route:  0.0.0.0/32
> > origin: AS10753
> > mnt-by: TCCGlobalNV-MNT
> > changed:ankita.gre...@lumen.com
> > source: LEVEL3
> > last-modified:  2024-01-30T11:04:49Z
> >
> >
> > [frank@fisi ~]$ whois -h rr.level3.com TCCGlobalNV-MNT
> > [Querying rr.level3.com]
> > [rr.level3.com]
> > mntner: TCCGlobalNV-MNT
> > descr:  TCC Global N.V.
> > auth:   CRYPT-PW DummyValue  # Filtered for security
> > upd-to: ripehostmas...@eu.centurylink.net
> > tech-c: LTHM
> > admin-c:LTHM
> > mnt-by: TCCGlobalNV-MNT
> > changed:ankita.gre...@lumen.com
> > source: LEVEL3
> > last-modified:  2024-01-30T11:01:52Z
> >
>
>
> --
> 40 years of net history, a couple songs:
> https://www.youtube.com/watch?v=D9RGX6QFm5E
> Dave Täht CSO, LibreQos

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-30 Thread Frank Habicht 

Seems it disappeared now and we can go back to regular programming.

Thanks to those who did that.

Frank

[frank@fisi ~]$ whois -h rr.level3.com 0.0.0.0/32
[Querying rr.level3.com]
[rr.level3.com]
%  No entries found for the selected source(s).


[frank@fisi ~]$






On 30/01/2024 19:37, Job Snijders via NANOG wrote:

On Tue, Jan 30, 2024 at 07:28:01PM +0300, Frank Habicht wrote:

I believe that the entry of
route:  0.0.0.0/32

does not serve any good purpose?


I don't think so either, I've created an issue to prevent that in future
releases of IRRd v4: https://github.com/irrdnet/irrd/issues/906

Thanks for noticing that!

It'll be up to Lumen to remove the record at hand.

Kind regards,

Job

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-30 Thread Job Snijders via NANOG 
On Tue, Jan 30, 2024 at 07:28:01PM +0300, Frank Habicht wrote:
> I believe that the entry of
> route:  0.0.0.0/32
> 
> does not serve any good purpose?

I don't think so either, I've created an issue to prevent that in future
releases of IRRd v4: https://github.com/irrdnet/irrd/issues/906

Thanks for noticing that!

It'll be up to Lumen to remove the record at hand.

Kind regards,

Job

Re: route: 0.0.0.0/32 in LEVEL3 IRR

2024-01-30 Thread Dave Taht 
That's pretty cool, actually. I keep wondering when someone will offer
up a 0.0.0.0/8...

https://www.ietf.org/archive/id/draft-schoen-intarea-unicast-0-00.html

There must be more people out there than just amazon and google that
ran out of 10/8.

On Tue, Jan 30, 2024 at 11:29 AM Frank Habicht  wrote:
>
> Hi,
>
> I got 2 bounces for the email addresses seen below for an email similar
> to the below...
>
> Anyone want to remove this IRR entry before anyone notices...???   ;-)
>
> Frank
>
>
> I believe that the entry of
> route:  0.0.0.0/32
>
> does not serve any good purpose?
>
> I was surprised to see it in a list of prefixes from bgpq4 and the very
> good https://irrexplorer.nlnog.net/prefix/0.0.0.0 guided me that it's in
> "Level3".
>
> I'm wondering how many auto-generated filters contain this unnecessary
> prefix
>
> PS: Oh, just seen - it's from TODAY. Maybe remove before anyone sees it...?
>
> Thanks for looking into this,
> Frank
>
>
> [frank@fisi ~]$ whois -h rr.level3.com 0.0.0.0/32
> [Querying rr.level3.com]
> [rr.level3.com]
> route:  0.0.0.0/32
> origin: AS10753
> mnt-by: TCCGlobalNV-MNT
> changed:ankita.gre...@lumen.com
> source: LEVEL3
> last-modified:  2024-01-30T11:04:49Z
>
>
> [frank@fisi ~]$ whois -h rr.level3.com TCCGlobalNV-MNT
> [Querying rr.level3.com]
> [rr.level3.com]
> mntner: TCCGlobalNV-MNT
> descr:  TCC Global N.V.
> auth:   CRYPT-PW DummyValue  # Filtered for security
> upd-to: ripehostmas...@eu.centurylink.net
> tech-c: LTHM
> admin-c:LTHM
> mnt-by: TCCGlobalNV-MNT
> changed:ankita.gre...@lumen.com
> source: LEVEL3
> last-modified:  2024-01-30T11:01:52Z
>


-- 
40 years of net history, a couple songs:
https://www.youtube.com/watch?v=D9RGX6QFm5E
Dave Täht CSO, LibreQos