Re: [address-policy-wg] New Draft Document: De-boganising New Address Blocks

[Daniel Karrenberg <]

On 24.02 16:17, Michael.Dillon@localhost wrote:
> >The RIPE NCC has prepared a draft document titled "De-Bogonising New
> >Address Blocks":
> 
> That is a misleading title.

I thought it was to the point and rather cute ;-).
> 
> The problem is that ISPs cannot react quickly enough
> to open filters when new ranges are allocated. The proposed
> solution is to provide advance notification. I suppose this
> could allow ISPs to open filters before the new addresses
> are actually in use officially.

This is the status quo, aka best *current* practise.

> However, it will also allow spammers to announce this
> space and get it through bogon filters.

Correct, but only in the absence of more specific filtering.
the problem this proposal aims to correct is the increasing number of
false positives caused by the apparent *serious* lag in relatively
static bogon filtering. 

> The real solution to this problem is to make it 
> possible for ISPs to closely track RIR allocations
> in their filters in a semi-automated way. There may
> still be a few days of delay before a new allocation
> is fully routable but ISPs can compensate for that
> with internal processes. 
> 
> Why can't ISPs subscribe to a feed of all new 
> RIPE allocations in near real-time?

Personally I think this is a great idea and if we hear 
from a lot of operators actually willing to take such feeds
it may become reality. However there are a number of serious issues
with something like this, not the least of which are the liability 
issues in case this goes wrong very dynamically and semi-automatdly.

It is certainly something to progress if there is enough interest.

However I think the current proposal shold go ahead too because the false
positives are a real problem now

Daniel