Re: New Draft Document: De-boganising New Address Blocks

[Daniel Karrenberg <daniel.karrenberg () ripe net>]

On 24.02 16:32, Michael.Dillon () radianz com wrote:
> That is a misleading title.

I thought it was to the point and rather cute ;-).
> The problem is that ISPs cannot react quickly enough
> to open filters when new ranges are allocated. The proposed
> solution is to provide advance notification. I suppose this
> could allow ISPs to open filters before the new addresses
> are actually in use officially.

This is the status quo, aka best *current* practise.

> However, it will also allow spammers to announce this
> space and get it through bogon filters.

Correct, but only in the absence of more specific filtering.
the problem this proposal aims to correct is the increasing number of
false positives caused by the apparent *serious* lag in relatively
static bogon filtering. 

> The real solution to this problem is to make it 
> possible for ISPs to closely track RIR allocations
> in their filters in a semi-automated way. There may
> still be a few days of delay before a new allocation
> is fully routable but ISPs can compensate for that
> with internal processes. 
>
> Why can't ISPs subscribe to a feed of all new 
> RIPE allocations in near real-time?

Personally I think this is a great idea and if we hear from a lot of
operators actually willing to take such feeds it may become reality
beyond volunteer efforts like the Team CYMRU one.  However there are a
number of serious issues with something like this, not the least of
which are the liability issues in case this goes wrong very dynamically
and semi-automatedly. 

It is certainly something to progress if there is enough interest.

However I think the current proposal shold go ahead too because the false
positives are a real problem that needs to be addressed quickly.

Daniel