[lacnog]         Subasignación de prefijos a otro ASN y el tema con los RoA

[Mike Burns]

Hi Rubens,
" As far as I now, unfortunately in ARIN there is not currently impediment
to lease ARIN non-legacy blocks."
Fernando just acknowledged that renting ARIN RSA space is not a problem, yet
you persist in your delusions.

Sounds like you're unwilling to share your investigation results.
If you are going to complain about them why not make them public?

I think you should concede on the legacy issue. You lost.

Regards,
Mike







-----Original Message-----
From: LACNOG <lacnog-bounces en lacnic.net> On Behalf Of Rubens Kuhl
Sent: Friday, February 04, 2022 4:09 PM
To: Latin America and Caribbean Region Network Operators Group
<lacnog en lacnic.net>
Subject: Re: [lacnog]
        Subasignación de prefijos a
otro ASN y el tema con los RoA

> Your pet-project investigations sound like a good idea.
> Will you please reveal the results of your investigations here for 
> others to learn from?

Actually, the main focus is to file complaints with the respective RIRs for
each one found to be suspicious, knowing that most of the time only the RIR
will have all the necessary information to make a determination.


> Of course we know that many cloud providers advertise blocks belonging 
> to their clients, not themselves, and they advertise them under the 
> cloud provider's ASN.  AWS, Cogent, Oracle, Vultr, etc. Not sure how 
> you would differentiate those from leases, but with enough 
> investigation you are sure to find smaller, non-cloud provider ASNs 
> advertising space belonging to others.

Actually, the first false positive that came to mind was DDoS mitigation
services.
Most of them have a bad habit of advertising their customer prefixes
originating in their ASN.
I saw one case of a cloud provider advertising a client address space once,
and they changed that quickly when they knew they were in violation of their
allocation.

> If you would agree to non-disclosure I will share an ARIN non-legacy 
> block being leased by a Latin American client off list as I believe I 
> can acquire their permission. They know they are breaking no rules 
> leasing ARIN RSA space.

A non-disclosure could put me in a situation of malfeasance if I bump into
something wrong or possibly wrong and then fail to report or investigate it.
So thanks, but no, thanks.

> You still say non-legacy space is not safely leasable, but you can't 
> point

No, I say that it is not safely leasable wholesale. Every block will have a
different safety profile.

> to any policy or RSA language that prevents RSA addresses from being
leased.

Because leasing is not the issue, how it is used is the issue. For instance,
by leasing to a network that has not been verified by the RIR to have real
need is now using those resources, now there is no verification of such
need.


> Only in LACNIC and AFRINIC is there a risk, not that I've ever heard 
> of LACNIC addresses revoked for usage differing from the original 
> justification. Maybe you have?

I can only talk about generics here that most compliance processes of ICANN,
RIRs and NIRs provide opportunities for fixing a breach of contract before
it goes public.  Saying more than that would violate professional duty.

> If what you say is true (that non-legacy space can't be leased), where 
> is it in the RSA or the NRPM of ARIN, RIPE, or APNIC?

Again, this will be different block by block and the point is not the lease,
but the subsequent usage by the lessee.
It is also dependent on the policy manual and RSA in force at time of
allocation.


Rubens
_______________________________________________
LACNOG mailing list
LACNOG en lacnic.net
https://mail.lacnic.net/mailman/listinfo/lacnog
Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog