Mailing List Archive

Owen,

Well, no. The Internet — meaning the ISPs and customers that comprise it — get substantial subsidies to this day. But that’s no call for the government to be obtuse with the purposes of its IP space.

https://www.nasdaq.com/articles/more-than-300-companies-participate-in-internet-subsidy-program-u.s.-agency-2021-04-01

-mel


> On Apr 26, 2021, at 11:05 AM, Owen DeLong <owen@delong.com> wrote:
>
>
>
>> On Apr 24, 2021, at 16:34 , Jason Biel <jason@biel-tech.com> wrote:
>>
>> The internet that is subsidized by that same Government….
>
> Uh, s/is/was/
>
> There’s really no subsidy any more.
>
> Owen
>

That would be true if “the Internet” was still fully comprised of
American providers and customers. That hasn’t been the case for a
long, long time.

On 26 Apr 2021, at 16:27, Mel Beckman wrote:

> Owen,
>
> Well, no. The Internet — meaning the ISPs and customers that
> comprise it — get substantial subsidies to this day. But that’s no
> call for the government to be obtuse with the purposes of its IP
> space.
>
> https://www.nasdaq.com/articles/more-than-300-companies-participate-in-internet-subsidy-program-u.s.-agency-2021-04-01
>
> -mel
>
>
>> On Apr 26, 2021, at 11:05 AM, Owen DeLong <owen@delong.com> wrote:
>>
>>
>>
>>> On Apr 24, 2021, at 16:34 , Jason Biel <jason@biel-tech.com> wrote:
>>>
>>> The internet that is subsidized by that same Government….
>>
>> Uh, s/is/was/
>>
>> There’s really no subsidy any more.
>>
>> Owen
>>

I’d be interested in an objective recap of this thread.



It seems like we could do a Netflix series for networkers about it. ????



Anyone would like to give it a try to summarize the story back from the 80’s till today and explain what is at stake here?



Thanks
Jean



From: NANOG <nanog-bounces+jean=ddostest.me@nanog.org> On Behalf Of Tom Beecher
Sent: April 26, 2021 9:32 AM
To: Mel Beckman <mel@beckman.org>
Cc: nanog@nanog.org
Subject: Re: DoD IP Space



As long as that IP space was isolated to the .mil network, it was private space, as far as the Internet was concerned.



The DoD allocation of 11/8 predates the concept of 'private network space'.



11/8 was first assigned to the DoD in RFC 943 in April of 1985. The concept of IPv4 space for private networks was first defined in RFC 1597, March 1994. (Which eventually would become RFC1918. )



The fact that certain parties decided on their own that space not present in the global routing table was 'fair game' or 'private' doesn't make them correct, it simply makes them ill informed.



On Sat, Apr 24, 2021 at 7:18 PM Mel Beckman <mel@beckman.org <mailto:mel@beckman.org> > wrote:

Bill,

It’s the INTERNET that is civilian, not the IP space. As long as that IP space was isolated to the .mil network, it was private space, as far as the Internet was concerned. Now DoD has moved it into the civilian Internet, and I treat them as potentially malicious as I do any other organization that lies, cheats, and steals the public trust.

-mel

> On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us <mailto:bill@herrin.us> > wrote:
>
> On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org <mailto:mel@beckman.org> > wrote:
>> This doesn’t sound good, no matter how you slice it. The lack of
>> transparency with a civilian resource is troubling at a minimum.
>
> You do understand that the addresses in question are not and have
> never been "civilian." They came into DoD's possession when this was
> all still a military project funded by what's now DARPA.
>
> Personally, I think we may have an all time record for the largest
> honeypot ever constructed. I'd love to be a fly on that wall.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> bill@herrin.us <mailto:bill@herrin.us>
> https://bill.herrin.us/

Carlos,

It’s true even though the Internet is comprised of more than American providers and customers. A subsidy is a subsidy. It doesn’t have to go to everyone to “be true”. :)

-mel

> On Apr 26, 2021, at 12:44 PM, Carlos M. Martinez <carlosm3011@gmail.com> wrote:
>
> That would be true if “the Internet” was still fully comprised of American providers and customers. That hasn’t been the case for a long, long time.
>
> On 26 Apr 2021, at 16:27, Mel Beckman wrote:
>
>> Owen,
>>
>> Well, no. The Internet — meaning the ISPs and customers that comprise it — get substantial subsidies to this day. But that’s no call for the government to be obtuse with the purposes of its IP space.
>>
>> https://www.nasdaq.com/articles/more-than-300-companies-participate-in-internet-subsidy-program-u.s.-agency-2021-04-01
>>
>> -mel
>>
>>
>>> On Apr 26, 2021, at 11:05 AM, Owen DeLong <owen@delong.com> wrote:
>>>
>>>
>>>
>>>> On Apr 24, 2021, at 16:34 , Jason Biel <jason@biel-tech.com> wrote:
>>>>
>>>> The internet that is subsidized by that same Government….
>>>
>>> Uh, s/is/was/
>>>
>>> There’s really no subsidy any more.
>>>
>>> Owen
>>>

On 4/24/21 3:45 PM, William Herrin wrote:
> On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
>> This doesn’t sound good, no matter how you slice it. The lack of
>> transparency with a civilian resource is troubling at a minimum.
> You do understand that the addresses in question are not and have
> never been "civilian." They came into DoD's possession when this was
> all still a military project funded by what's now DARPA.
>
> Personally, I think we may have an all time record for the largest
> honeypot ever constructed. I'd love to be a fly on that wall.
>
Is this to say that the prefixes are now being announced? Sorry for this
dumb question, but how would this honeypot work?

Mike

anyone seeing roas in 11/8? i am not.

randy

---
randy@psg.com
`gpg --locate-external-keys --auto-key-locate wkd randy@psg.com`
signatures are back, thanks to dmarc header butchery

On Mon, Apr 26, 2021 at 10:18 PM Randy Bush <randy@psg.com> wrote:

> anyone seeing roas in 11/8? i am not.
>
>
am not either, I would be curious to know if the RPKI discussion came up
for the prefixes in the run up to turning up this new service.
I'd also love to know if they are planning to publish ROA :) it'd be handy
in telling the rest of the world: "Hey, the owners of the space
authorize ASNFOO/BAR/BAZ that the announcement(s) you see are ok by them"

it might also have closed down some of the initial 'WUT?' conversation
about these prefixes.
-chris

>> anyone seeing roas in 11/8? i am not.
> am not either, I would be curious to know if the RPKI discussion came up
> for the prefixes in the run up to turning up this new service.

what i hope is that they publish the results of their experiment. a bit
more depth in discussion in ripe community.

---

From: Randy Bush <randy@psg.com>
Subject: Re: [anti-abuse-wg] AS8003 and U.S. Department of Defense routing
To: Brian Nisbet <brian.nisbet@heanet.ie>
Cc: Anti Abuse WG <anti-abuse-wg@ripe.net>
Date: Tue, 27 Apr 2021 08:22:16 -0700

interesting wg to do routing security analysis.

as i do really not know the dod's or their proxy's motive(s), i can not
say much about their tactics let alone strategy.

i do know, and have actually seen and experienced, part of 11/8 being
used as if it was 1918 space; ripe bologna was the first time. and the
food in that town was fantastic!

a /8 telescope would pick up leakage patterns as well as the current
shotgun blast of announcements (i presume folk have looked at the actual
announcements). i would na?vely think that the /8 might be slightly
more easily analyzed than the pieces.

maybe, as the telescope analysis shows focused leaks, they are trying to
disrupt those focused uses with these focused announcements.

but, if an op is using 11.12.666.0/23 internally, would they be careless
enough to accept an exogenous announcement of that space? i guess i
should not underestimate carelessness.

is some random (small, i hope) isp using my address space internally as
1918 equivalent abusive, beyond their customers maybe not be able to
reach my network? if so, maybe the vigilantes are looking in the wrong
direction.

randy

---
randy@psg.com
`gpg --locate-external-keys --auto-key-locate wkd randy@psg.com`
signatures are back, thanks to dmarc header butchery

>> what i hope is that they publish the results of their experiment. a
>> bit more depth in discussion in ripe community.
>
> https://bgp.he.net/AS8003#_prefixes

those are not results of an experiment. those are some visible artifacts
of (possibly part of) an experimental setup.

what i meant was the *results* of their measurements and the insights
gained.

< snark >

( and when i wanted to know what prefixes were being announced, i looked
at my own router(s). neither cisco, juniper, nor arcos seemed to have
the equivalent of
`show ip bgp regexp _8003$ insight`
though i have been asking for years
:)

randy

---
randy@psg.com
`gpg --locate-external-keys --auto-key-locate wkd randy@psg.com`
signatures are back, thanks to dmarc header butchery