Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Your definition of terrorism is very very different from mine. Where is anyone here threatening life or limb or freedom of anyone here or of any innocent third parties? On 5/3/2019 09:27 PM, Marilson Mapa wrote: /"The proponents of this proposal want you to think this proposal only affects

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

> On May 3, 2019, at 08:24 , Keith W. Hare wrote: > > Andrew, > > So far, I have seen lots of discussion of the issue but I have not seen a > single concise coherent complete definition of the BGP hijacking problem that > includes: I”ll take a stab, but there are reasons for the lack of

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

*"The proponents of this proposal want you to think this proposal only affects hijackers. That is not the case, this proposal affects anyone who operates a router. It puts anyone who operates a router in jeopardy of losing their Internet resources."* The name of that, Mr. Farmer, is terrorism.

Re: [arin-ppml] prop266 - re-framing the discussion

In message wrote: >You are asking ARIN to do something about hijacking and to tolerate squatting. I suspect that the proposal authors, being appropriately cognizant of the obvious difficulties of obtaining general agreement to do -anything- about -any- of these matters, may have attempted to

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Sat, May 4, 2019 at 1:31 AM Ronald F. Guilmette wrote: > >The Internet doesn't exist, not in any legal sense... > Now that I know, I'm going to be applying to my landline provider > (which has also sold me "Internet service") for a BIG refund! Marketing BS *never* counts as a proper

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

In message William Herrin wrote: >The Internet doesn't exist, not in any legal sense... May I quote you? Now that I know, I'm going to be applying to my landline provider (which has also sold me "Internet service") for a BIG refund! Also, somebody should let these people know:

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On May 3, 2019, at 4:48 PM, Carlos Friaças wrote: > On Fri, 3 May 2019, John Curran wrote: > (...) >> Hank - >> Yes, ARIN could add a statement to that effect to the registration services >> agreement ? note that the granting of rights to the address block in the >> registry is already present,

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Bagrin is the founder of MyDigitalShield (Omninet). He sells security. The worse, the better for his business. But he's here asking why people do not want to let ARIN help. He puts the interests of society in front of his business: "the heartbeat of America is really the small businesses”;

Re: [arin-ppml] prop266 - re-framing the discussion

Hi, I said i don't see an issue, if other people see an issue then we need to address it. So... agreed! Will work on that on a further version. Thanks, Carlos On Fri, 3 May 2019, Michel Py wrote: Michel Py wrote : ARIN should not create a double standard that penalizes hijacking and

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Hi, On Fri, 3 May 2019, David Farmer wrote: Simply getting involved in hijacking is not what is proposed. And, by the way, ARIN and the other RIRs already are involved, heard of RPKI, IRR, etc...  You can't say the problem is being ignored.  Are these responses truly effective? Maybe not.

Re: [arin-ppml] prop266 - re-framing the discussion

>> Michel Py wrote : >> ARIN should not create a double standard that penalizes hijacking and >> tolerates squatting. > Carlos Friaças wrote : > I agree. However i'm not completely sure we'll be able to solve everything > with just one proposal. You can't ask to do something now about

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Thu, May 2, 2019 at 11:10 PM Hank Nussbacher wrote: > On 02/05/2019 21:06, John Curran wrote: > > > > It is certainly possible to change the rights provided with address > > block issuance to include routing responsibilities, but that’s a > > rather significant change compared to ARIN’s

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Fri, 3 May 2019, John Curran wrote: (...) Hank - Yes, ARIN could add a statement to that effect to the registration services agreement ? note that the granting of rights to the address block in the registry is already present, so it?s really the addition of the grant of "sole

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Fri, 3 May 2019, Andrew Bagrin wrote: There are many examples...  Here is one: - Company X hires hosting company Y for hosting service. - Company X allows company Y to advertise their IP blocks - Years later, company X decides to move to another hosting provider. - There is disagreement

Re: [arin-ppml] prop266 - re-framing the discussion

On Fri, 3 May 2019, Michel Py wrote: Ronald F. Guilmette wrote : If someone is using DoD space strictly -internally- then who the hell gives a damn? And who the hell would ever even know? It is not internal. Squatters are using DoD addresses to transport customer / subscriber traffic over

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Hi, On Fri, 3 May 2019, Jimmy Hess wrote: On Fri, May 3, 2019 at 1:03 AM Hank Nussbacher wrote: "ARIN hereby allocates to you an IP address block and hereby grants you sole permission to announce that address block to the Internet." Simple enough? Not that simple, really. Effectively,

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Hi, On Fri, 3 May 2019, Keith W. Hare wrote: Andrew,   So far, I have seen lots of discussion of the issue but I have not seen a single concise coherent complete definition of the BGP hijacking problem that includes: · What technical mechanisms are used to create a BGP hijack

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

In message David Farmer wrote: >> The latter can generally be distinguished from the former via the passage >> of time. If an operator has been duly notified that he/she/it is >> announcing >> a route that he/she/it shouldn't be, and if there is no change after the >> passage of a number of

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Fri, May 3, 2019 at 2:31 PM Ronald F. Guilmette wrote: > > In message tmx29hbrghizybsro-1n1...@mail.gmail.com> > David Farmer wrote: > > >The proponents of this proposal want you to think this proposal > >only affects hijackers. That is not the case, this proposal affects anyone > >who

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Now there is a constructive suggestion that I can easily support; create a system that monitors routing and actively notifies you when your routing doesn't conform to your published routing policy. There are and have been services that kind of do that, BGPmon, etc... But, they were more focused

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

In message David Farmer wrote: >The proponents of this proposal want you to think this proposal >only affects hijackers. That is not the case, this proposal affects anyone >who operates a router. It puts anyone who operates a router in jeopardy of >losing their Internet resources, for

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

In message <099db830-da2b-482e-b758-32e240018...@arin.net>, John Curran wrote: >The reason why is that ISPs have the ability to configure their routers as >they see fit, including deciding what routes they announce and what routes >they accept. If the community wants to infringe on this

Re: [arin-ppml] prop266 - re-framing the discussion

In message wrote: >It is not internal. Squatters are using DoD addresses to transport customer >/ subscriber traffic over the public Internet. Yes, that's what I said in my posting. A Navy (NCIS) guy told me that this happens frequently, and that when he calls people on it, many of them are

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Hello List, The difference between a hijack and a lease is often a valid Letter of Agency. Maybe it’s time for an explicit lease policy that would be within ARIN’s scope and could chip away at some of the issues here. Personally, I am against the proposal and agree that it is out of scope.

Re: [arin-ppml] prop266 - re-framing the discussion

> All except one, yes. still, good number > But the number of cases per year is really low. I guess due to the > desincentive people face when wanting to file a report about it... it is just a guess. but I don't think that is the case. > >> no policy or "punishment" was needed ;-) > > I hope

Re: [arin-ppml] prop266 - re-framing the discussion

>> those experts would not answer for any mistaken report. >> according the policy is ARIN the one to publish the result of such >> investigation and would be up to ARIN to act on it. >> >> so, any legal responsibility would be on ARIN. > > To follow established rules. no, to publish someting

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

If our engineers mistype an IP in the BGP advertisement, I would want a mechanism to notify me right away. Coming from ARIN would validate it's a real issue and not some random email that we all ignore. I personally do not see lynch mob. Punishment should only come with reluctant to comply. On

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Andrew, This example sounds like a dispute over contract terms. If company X signed an agreement that has an early termination clause with a $xx,000 fee with yyy conditions and company X has violated the those conditions, it is not an ARIN issue. If company Y issues a spurious invoice to

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

[speaking for myself] On Fri, May 03, 2019 at 10:05:15AM -0400, Andrew Bagrin wrote: > I'm curious why do people not want to let ARIN try to start getting > involved to help resolve the issue of hijacking? When I voted this out of scope for the NPRM, I said "I wish we were an enforcement entity,

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Simply getting involved in hijacking is not what is proposed. And, by the way, ARIN and the other RIRs already are involved, heard of RPKI, IRR, etc... You can't say the problem is being ignored. Are these responses truly effective? Maybe not. Do we need to do more? Probably. Is this the answer?

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Hi, On Fri, 3 May 2019, Andrew Bagrin wrote: I'm curious why do people not want to let ARIN try to start getting involved to help resolve the issue of hijacking? This is uncharted territory. Some people fear the unknown. Are you doing hijacking and don't want interference? I don't

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On 3 May 2019, at 2:02 AM, Hank Nussbacher wrote: > > On 02/05/2019 21:06, John Curran wrote: >> >> It is certainly possible to change the rights provided with address block >> issuance to include routing responsibilities, but that’s a rather >> significant change compared to ARIN’s present

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

There are many examples... Here is one: - Company X hires hosting company Y for hosting service. - Company X allows company Y to advertise their IP blocks - Years later, company X decides to move to another hosting provider. - There is disagreement on the contract terms, agreement length,

Re: [arin-ppml] prop266 - re-framing the discussion

No. But it would be appropriate IMHO to adopt policies that very strongly promote MANRS (or even a subset of it), and/or very strongly encourage ARIN members/customers/clients to adopt MANRS, and/or discourage non-MANRS-compliant number resource holders in some way. Adam Thompson Consultant,

Re: [arin-ppml] prop266 - re-framing the discussion

> Ronald F. Guilmette wrote : > If someone is using DoD space strictly -internally- then who the hell > gives a damn? And who the hell would ever even know? It is not internal. Squatters are using DoD addresses to transport customer / subscriber traffic over the public Internet. ARIN should

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Fri, May 3, 2019 at 1:03 AM Hank Nussbacher wrote: > "ARIN hereby allocates to you an IP address block and hereby grants you > sole permission to announce that address block to the Internet." > Simple enough? Not that simple, really. Effectively, the "Choice to revoke" suggested by the

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Andrew, So far, I have seen lots of discussion of the issue but I have not seen a single concise coherent complete definition of the BGP hijacking problem that includes: · What technical mechanisms are used to create a BGP hijack · How BGP hijacking is initiated · Why

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

I'm curious why do people not want to let ARIN try to start getting involved to help resolve the issue of hijacking? Are you doing hijacking and don't want interference? Are you running a competitive service that you charge for? Does anyone believe there is a valid reason to hijack and advertise

Re: [arin-ppml] prop266 - re-framing the discussion

On Fri, 3 May 2019, Ricardo Patara wrote: Hi Hi, And assume the legal liability for it ? Sure. As long as it doesn't break any contract. Do you think hijackers will sue ARIN by breaking their business model??? you are only looking at one side. the acussed "hijacked" could be not a

Re: [arin-ppml] prop266 - re-framing the discussion

On Fri, 3 May 2019, Ricardo Patara wrote: Hi Carlos Hi,   The problem with this BGP hi-jack proposal, is the problem statemen>> itself.  How many hijacks are happening in the ARIN region per month?  10?  100?  1000? How many of them reach an ARIN mailbox? In fact we got some numbers

Re: [arin-ppml] prop266 - re-framing the discussion

Hi Carlos >>   The problem with this BGP hi-jack proposal, is the problem statemen>> >> itself.  How many hijacks are happening in the ARIN region per month? >>  10?  100?  1000? > > How many of them reach an ARIN mailbox? > > In fact we got some numbers from LACNIC (i.e. cases reported to

Re: [arin-ppml] prop266 - re-framing the discussion

Hi >> >> And assume the legal liability for it ? > > Sure. As long as it doesn't break any contract. Do you think hijackers > will sue ARIN by breaking their business model??? you are only looking at one side. the acussed "hijacked" could be not a bad guy, and might sue ARIN due to an error.

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

> On May 2, 2019, at 06:57 , JORDI PALET MARTINEZ via ARIN-PPML > wrote: > > Hi Joe, > > El 2/5/19 15:11, "Joe Provo" > escribió: > > >[see Disclaimer] > >On Thu, May 02, 2019 at 12:30:38PM +0200, JORDI PALET MARTINEZ via > ARIN-PPML wrote: >

Re: [arin-ppml] Weekly posting summary for p...@arin.net

In message <201905030453.x434r35q032...@rotala.raleigh.ibm.com>, nar...@us.ibm.com wrote: >Total of 164 messages in the last 7 days. > >script run at: Fri May 3 00:53:02 EDT 2019 > >Messages | Bytes| Who >+--++--+ >

Re: [arin-ppml] prop266 - re-framing the discussion

> On May 2, 2019, at 08:48 , JORDI PALET MARTINEZ via ARIN-PPML > wrote: > > > > El 2/5/19 17:39, "ARIN-PPML en nombre de Nicolas Antoniello" > mailto:arin-ppml-boun...@arin.net> en nombre de > nantonie...@gmail.com > escribió: > > ARIN (and so the other

Re: [arin-ppml] prop266 - re-framing the discussion

In message wrote: >Maybe you should go out in the real world a little more. I have been asked >several times which of the DoD blocks was "best" to use. The question was >not "Is it ok to use a DoD block internally". The question was "We know >it's dumb, but we are doing it anyway. Which one do

Re: [arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On 02/05/2019 21:06, John Curran wrote: It is certainly possible to change the rights provided with address block issuance to include routing responsibilities, but that’s a rather significant change compared to ARIN’s present scope of operations. So issuing an address block via ARIN is