Re: [apnic-talk] Private ASN Route Objects

To: Tom Harrison <tomh@apnic.net>
Subject: Re: [apnic-talk] Private ASN Route Objects
From: "Ronald F. Guilmette" <rfg@tristatelogic.com>
Date: Tue, 17 Aug 2021 22:25:43 -0700
Cc: APNIC TALK <apnic-talk@lists.apnic.net>
Delivered-to: apnic-talk@clove.apnic.net
In-reply-to: <YRxWiO7W2xp53m6f@TomH-802418>
List-archive: <http://mailman.apnic.net/mailing-lists/apnic-talk/>
List-help: <mailto:apnic-talk-request@lists.apnic.net?subject=help>
List-id: General discussions on APNIC <apnic-talk.lists.apnic.net>
List-post: <mailto:apnic-talk@lists.apnic.net>
List-subscribe: <https://mailman.apnic.net/mailman/listinfo/apnic-talk>, <mailto:apnic-talk-request@lists.apnic.net?subject=subscribe>
List-unsubscribe: <https://mailman.apnic.net/mailman/options/apnic-talk>, <mailto:apnic-talk-request@lists.apnic.net?subject=unsubscribe>

In message <YRxWiO7W2xp53m6f@TomH-802418>, 
Tom Harrison <tomh@apnic.net> wrote:

>We have one route object remaining that references an undelegated ASN.
>The Member has requested some additional time to review this matter
>before they take action.

Yes.  I know.  I called & spoke to him myself.

It wasn't easy, since all of the contact info in the relevant WHOIS record
is outdated garbage.  The phone number goes to the guy who designed the
comapny's web site.  But he gave me the phone number of the actual
relevant company manager, who I called, but still got no joy.  (His
underling who actually understands all of this fancy-schmancy networking
stuff is on vacation till next week.   I hope for the company's sake that
they don't have any sort of unexpected network meltdown until he gets back!
If they do, they'll be screwed.)

>There are three route objects remaining that reference private ASNs.
>These objects have been created by a Member for testing purposes, and
>they have advised us that they will remove these objects once they
>finish their testing.

Yes.  I spoke to him also.

>We are working on a notification system that will alert the APNIC
>Helpdesk team when such route objects are created, so that we can
>promptly follow them up with our Members.

That would be Good, but I would advise not over-investing in this,
manpower-wise.  With luck, these things should only come up rarely,
especially if the UI of the process by which APNIC members create new
route objects is modified so as to disallow any and all currently
unassigned address space *and* any and all currently unassigned AS
numbers.

(It is actually not that hard to deduce, on any given day, which IPs
and which ASNs are and are not assigned to some RIR resource member
by looking at the daily "stats" files of all five RIRs... which is
what I have been doing.  I will be more than happy to share code and/or
expertise on how to do this, off-list, with APNIC staff as and if
requested.)

>There is also a new policy proposal around restricting the creation of
>ROA objects that reference private, reserved, or unallocated ASN.

So I have heard.  I endorse that 100%.

>Since the route management interface in MyAPNIC permits our Members to
>create both route objects and ROAs with arbitrary ASNs, we will seek
>clarification from the author if this proposal should be extended to
>include route(6) objects as well.

That would make complete sense.

Regards,
rfg

P.S. Thank you Tom for the follow-up.

References:
- Re: [apnic-talk] Private ASN Route Objects
  - From: Tom Harrison <tomh@apnic.net>