[Sidrops] as23456 in ROAs

Jay Borkenhagen <jayb@braeburn.org> Sun, 31 March 2019 19:16 UTC

Date: Sun, 31 Mar 2019 15:16:08 -0400
From: Jay Borkenhagen <jayb@braeburn.org>
To: Ruediger Volk <rv@NIC.DTAG.DE>, sidrops@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/me55p5GOjh-oZZIrrgYAVsGw9cI>

Hi Ruediger,
Hi SIDROps,

With respect to Ruediger's second presentation at IETF104 last week,
in which he mentioned (among other things) finding as23456 as the
authorized ASN in some published ROAs:

I checked those ROAs (well, actually their VRPs) and found that in
each current case, the same prefix has been authorized also to
originate in an autonomous system number greater than 65535.  Details
below.

Interestingly, each of these instances comes from the LACNIC region.
Perhaps there exists some documentation or folklore in that region
that has led some operators there to publish an additional ROA
authorizing AS23456 if they hold an ASN > 65535.  Maybe SIDROps
friends at lacnic.net can investigate and report back?

[
FWIW, I can imagine some tortuous logic that might lead someone to
publish such a ROA:

 Resource Holder: Hey ISP, if you look here (some RPKI vantage point)
   you'll see that my prefix is to originate only in [huge ASN].

 ISP: Sure, but when I look in the routing tables in my [ancient] kit,
   I see your prefix originating in as23456.  So I blocked it
   manually. 

 Resource Holder: Umm, wait just a sec, and you'll soon see my new ROA
   authorizing as23456, too.  Then please accept it.

Not saying I like it or would recommend taking steps to work around
networks that still do not grok 4B-ASNs in 2019, but perhaps an
as23456 ROA is not totally without motivation.
]


=== 138.185.76.0/22 ===
AS23456,138.185.76.0/22,24,lacnic
AS263824,138.185.76.0/22,24,lacnic

=== 170.84.108.0/22 ===
AS23456,170.84.108.0/22,24,lacnic
AS263248,170.84.108.0/22,24,lacnic

=== 170.254.16.0/22 ===
AS23456,170.254.16.0/22,24,lacnic
AS263824,170.254.16.0/22,24,lacnic

=== 190.2.17.0/24 ===
AS23456,190.2.17.0/24,24,lacnic
AS264638,190.2.17.0/24,24,lacnic

=== 190.210.206.0/24 ===
AS23456,190.210.206.0/24,24,lacnic
AS262264,190.210.206.0/24,24,lacnic
AS264638,190.210.206.0/24,24,lacnic

=== 191.102.48.0/21 ===
AS23456,191.102.48.0/21,21,lacnic
AS263177,191.102.48.0/21,21,lacnic

=== 200.68.114.0/24 ===
AS23456,200.68.114.0/24,24,lacnic
AS265807,200.68.114.0/24,24,lacnic
AS264638,200.68.114.0/24,24,lacnic

=== 200.192.236.0/22 ===
AS23456,200.192.236.0/22,24,lacnic
AS263248,200.192.236.0/22,22,lacnic
AS263248,200.192.236.0/22,24,lacnic

=== 2803:980::/32 ===
AS23456,2803:980::/32,32,lacnic
AS263248,2803:980::/32,48,lacnic
AS263248,2803:980::/32,32,lacnic


Thanks.

					Jay B.