This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/routing-wg@ripe.net/
[routing-wg] Hijacking
- Previous message (by thread): [routing-wg] Hijacking
- Next message (by thread): [routing-wg] Hijacking
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jacob Slater
jacob at rezero.org
Tue Jun 26 16:02:30 CEST 2018
> > Is such behavior > it contractually permissible, within the RIPE region? The NCC's contracts do not forbid individuals/organizations from hijacking prefixes that do not belong to them*. That isn't their job. The NCC is tasked with guaranteeing uniqueness. They are not tasked with enforcing implementation constraints on others, especially not on a legal basis. Doing so would be far too costly and would likely increase the amount of hijacking we see (can't enforce a contract with someone who hasn't signed it). This isn't unique. The ARIN RSA holds no such stipulations. While I've never seen their agreements, I'd be willing to bet the other regions are similar. Is this the accepted norm in the RIPE region? > It isn't the norm, nor is it considered acceptable. From the few times I've had to deal with hijacking, large ISPs are generally very willing to cooperate when prefix holders contact them. Ultimately, the solution is likely proper enforcement of RPKI and/or "trusted" route objects (those signed by a RIR with an authoritative database over the prefix who will not accept prefixes without authorization), not contractual enforcement by the RIRs. *A given LIR might include such a clause, though I've never seen it done. On Tue, Jun 26, 2018 at 12:18 AM, Ronald F. Guilmette <rfg at tristatelogic.com > wrote: > > Please excuse me for this rather naive question, but I really > don't know the answer. (And in the present context, I would > very much like to know.) > > Do the contracts that various entities, including but not > limited to LiRs, sign with RIPE, in exchange for being issued > RIPE number reources, include any sort of a stipulation or > condition that the parties agree not to deliberately and > with malice aforethought announce routes either (a) using > AS numbers which have not been issued to them by one of the > five Regional Internet Registries and/or (b) covering IP > address space that has not been formally issued to them, or > to any of their legitimate customers by one of the five > Regional Internet Registries? > > I guess that another way of expressing this question would be: > Do RIPE contracts allow anyone to announce whatever the hell they > want, willy nilly, and with no concern whatsoever for the formal > allocation process? > > I wouldn't ask, but it appears that certain RIPE members do not > feel particularly constrained to avoid announcing routes to IP > address space that they are clearly and deliberately stealing from > other parties. > > Is this the accepted norm in the RIPE region? Is such behavior > it contractually permissible, within the RIPE region? > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/routing-wg/attachments/20180626/57924126/attachment.html>
- Previous message (by thread): [routing-wg] Hijacking
- Next message (by thread): [routing-wg] Hijacking
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]