This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Mysteries of the Internet: AS65000
- Previous message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
- Next message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ac
ac at main.me
Mon Apr 15 05:56:01 CEST 2019
Sorry for top posting, but I fail to see how any of this is abuse related? On Mon, 15 Apr 2019 04:39:10 +0100 "Sascha Luck [ml]" <aawg at c4inet.net> wrote: > On Sun, Apr 14, 2019 at 06:30:50PM -0700, Ronald F. Guilmette wrote: > >Even if I accept that one of these explanation is accurate and > >correct, I am still left with one question: Who is "they" in this > >context? > > If it's a leaked internal private ASN, the next ASN upstream in > the path should be the correct one. So, in essence, they are > doing it to themselves. > > It could also actually be a private peering that was never > supposed to be visible in the DFZ. IIRC it is common practice to > use private ASNs for this. In which case it is the peer leaking > it. > > >P.S. There are three reasons why I am not prepared to believe that > >this is all just some "fat fingered" or merely incompetent mistake. > >The first is the number of different national flags I am seeing on > >this page: > > > >https://bgp.he.net/AS65000#_prefixes > > > >That doesn't look much like an "internal network" to me! > > It just means that a lot of networks leak private ASNs. Why does > that surprise you? > > >But we can debate these points later on. First I'd like to know who > >"they" is. If somebody can figure out who "they" is in this > >context, then someone, perhaps even me, can shoot a polite and > >friendly inquiry via email to whatever "they" are actually doing > >this stuff, asking them what's up and how come they thought that it > >was a Good Idea to use a reserved ASN, and whether or not "they" > >plan to continue doing so. > > "They" are the admins of the advertised networks (if this *is* > failure-to-remove-private-ASNs) > > >But right now I can't even do that, because I have no idea who is > >actually responsible for any of this. If you do, then please do > >enlighten me. > > Probably the actual owners of the advertised prefixes. > > rgds, > SL >
- Previous message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
- Next message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]