[anti-abuse-wg] Mysteries of the Internet: AS65000
- Previous message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
- Next message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ac
ac at main.me
Mon Apr 15 05:56:01 CEST 2019
Sorry for top posting, but I fail to see how any of this is abuse related? On Mon, 15 Apr 2019 04:39:10 +0100 "Sascha Luck [ml]" <aawg at c4inet.net> wrote: > On Sun, Apr 14, 2019 at 06:30:50PM -0700, Ronald F. Guilmette wrote: > >Even if I accept that one of these explanation is accurate and > >correct, I am still left with one question: Who is "they" in this > >context? > > If it's a leaked internal private ASN, the next ASN upstream in > the path should be the correct one. So, in essence, they are > doing it to themselves. > > It could also actually be a private peering that was never > supposed to be visible in the DFZ. IIRC it is common practice to > use private ASNs for this. In which case it is the peer leaking > it. > > >P.S. There are three reasons why I am not prepared to believe that > >this is all just some "fat fingered" or merely incompetent mistake. > >The first is the number of different national flags I am seeing on > >this page: > > > >https://bgp.he.net/AS65000#_prefixes > > > >That doesn't look much like an "internal network" to me! > > It just means that a lot of networks leak private ASNs. Why does > that surprise you? > > >But we can debate these points later on. First I'd like to know who > >"they" is. If somebody can figure out who "they" is in this > >context, then someone, perhaps even me, can shoot a polite and > >friendly inquiry via email to whatever "they" are actually doing > >this stuff, asking them what's up and how come they thought that it > >was a Good Idea to use a reserved ASN, and whether or not "they" > >plan to continue doing so. > > "They" are the admins of the advertised networks (if this *is* > failure-to-remove-private-ASNs) > > >But right now I can't even do that, because I have no idea who is > >actually responsible for any of this. If you do, then please do > >enlighten me. > > Probably the actual owners of the advertised prefixes. > > rgds, > SL >
- Previous message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
- Next message (by thread): [anti-abuse-wg] Mysteries of the Internet: AS65000
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]