Please see inline, On Thu, 21 Mar 2019, Richard Clayton wrote:
In message <CAFV686e9aa8xhACUz+ePfbELU74MPcE-2PiC2-kpU- 1xAptxFA@mail.gmail.com>, Jacob Slater <jacob@rezero.org> writes
While the idea of an a complaint form (with teeth) sounds appealing, I do not believe submission should be open to everyone. Only the party holding rights (as registered in a RIR) should be able to file a report regarding their own IP space.
there are two practical problems with that:
first: historically anyway, large Chinese providers have not seemed to take much notice if their prefixes are hijacked... this may be because they are not using the IP space, or that they consider the class of user for that space to have no business accessing resources outside of China (the latter seems a bit unlikely, but the "Great Firewall of China" is a complex set of devices so there may be a lot of proxying going on)
Let me add: while the legitimate owner might not care, those who will be receiving hijacked prefixes through BGP might care.
second: many hijackers have used space (and AS numbers) that was allocated to entities that almost certainly don't exist any more. Determining who holds the rights to this space (a question for the liquidators of the companies involved I expect) is almost certainly impossible to establish
Precisely. Well, the rightful owner should be able to issue a ROA :-)
which taken together mean that quite a number of the hijackers I have chased down over the years would not be affected by this proposal :(
And there are those that use space registered to conflict zones, where it's less probable that anyone will notice/complain...
Also of course the proposed policy does cover unallocated space (large chunks of which are currently announced as I pointed out earlier, which still doesn't seem to be worrying many people). Would you expect IANA or the RIRs to lodge complaints here ?
Why not? :-) Well, i added bugging Geoff Huston about this to my TO-DO list. Let's see if he can provide some insight.
If everyone is allowed to do so, we run several risks, namely that individuals with no knowledge of the situation (beyond that viewed in the public routing table) will file erroneous reports based on what they believe to be the situation (which may not be accurate, as some forms of permission for announcement are not documented in a way they could feasibly see).
I entirely agree -- this just adds to the list of practical complexities that I (and a few others) have been pointing out.
There is some risk yes. My best take at the moment is that bogus claims should be filtered.
Yes hijacks can be simple to understand -- but they can be very complex and perfectly legitimate activity can look like a hijack until a lot of detail has been considered.
That's why there is reasonable room to the suspected hijacker to explain. One expert can be wrong, all experts can be wrong once, and even after that the ratification step could act as a safety knob. Best Regards, Carlos
-- richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755