Re: Spamhaus flags any IP announced by our ASN as a criminal network

[August Yang via NANOG <nanog () nanog org>]

Firstly, it's worth noting that AS47158 was registered to 
ORG-IL649-RIPE, which was not a LIR.

Additionally, LIRs do not assign ASNs to end users whereas RIPE does. 
NIR in certain regions is another story.

End user may enter into a sponsorship agreement with LIR to receive ASN 
assignment, still directly from NCC.

It's important to note that ASNs and IP resources have quite different 
assignment policies, so the involvement of IP brokers is not relevant in 
this particular case.

On 2023-03-21 2:33 p.m., George Toma wrote:
> Well that's for end users. The company in question seems to be a 
> Telecom operator.
> The RIPE model is a very strange and confusing one, where ISPs 
> basically become LIRs and they themselves assign ASNs and IPs, and 
> there are 23000 LIRs in ARIN. Basically any ISP , webhosting company, 
> datacenter or even a trading company can become a LIR.
>
> It's a very strange model which had just cost me 15 minutes of my time 
> to just dig into and get some basic understanding of it. I would not 
> put my hand in the fire that the OP is a LIR or not, but they are an 
> ISP so I would assume they are LIR and as such can reassign the IPs,a 
> nd if they are not LIR they can become one.
>
> Anyway many of IP renting companies such as IPXO are RIPE-based, and 
> those who are ARIN or APNIC based also have subnets from RIPE region. 
> If RIPE was against subletting, the whole market would not exist with 
> RIPE subnets.
>
> Regards
> George
>
>
>
> On Tue, Mar 21, 2023 at 2:17 PM <ayang () august tw> wrote:
>
>     RIPE NCC Requirements: End User Assignment Agreement states:
>
>     “End User may not sub-assign resources to third parties.”
>
>     Best regards,
>     August Yang
>
>     On 2023-03-21 13:12, George Toma wrote:
>     > I do not believe ASN sharing is illegal or prohibited, it's not
>     > prohibited in LACNIC and in APNIC policy I also could not find
>     > anything about ASN sharing, only
>     >
>     > APNIC policy states:
>     > "2.3. Autonomous System (AS)An Autonomous System (AS) is a connected
>     > group of one or more IP prefixes run by one or more network
>     operators
>     > under a single and clearly defined routing policy.
>     > 2.3.1. Autonomous System Number (ASN)
>     > An Autonomous System Number (ASN) is a unique two- or four-byte
>     number
>     > associated with an AS. The ASN is used as an identifier to allow the
>     > AS to exchange dynamic routing information with other Autonomous
>     > Systems."
>     >
>     > Nothing prohibiting ASN sharing and 2.3 specifically states "run by
>     > one or more network operators... single routing policy"
>     >
>     > Regards
>     > George
>     >
>     > On Tue, Mar 21, 2023 at 8:00 AM <nanog-request () nanog org> wrote:
>     >
>     >> Message: 19
>     >> Date: Mon, 20 Mar 2023 16:24:09 -0400
>     >> From: ayang () august tw
>     >> To: Collider <large.hadron.collider () gmx com>
>     >> Cc: nanog () nanog org
>     >> Subject: Re: Spamhaus flags any IP announced by our ASN as a
>     >> criminal
>     >> network
>     >> Message-ID: <5b7ed1b1fbff65dfc63d188c2e1f95af () august tw>
>     >> Content-Type: text/plain; charset=UTF-8; format=flowed
>     >>
>     >> Several Huize ASNs, e.g. AS47158 and AS141011, were revoked due to
>     >> RIR
>     >> policy violations, which include prohibited sharing of ASNs with
>     >> third
>     >> parties, IP hijacking, and malicious path prepending.
>     >>
>     >> Given this history, it is not surprising that Spamhaus would
>     >> blacklist
>     >> IP addresses associated with their ASN. In my opinion, such action
>     >> is
>     >> well-justified.
>     >>
>     >> Best regards,
>     >> August Yang
--
Best regards
August Yang

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature