Categories
FlashBriefing podcast

MTIN Flash Briefing Feb 7 2019: Arin and 5G news

Your flash briefing for Thursday, February 7, 2019

 

From ARIN
Potential Misuse of ARIN unmet requests list

At their business meeting in January 2019, the ARIN Board of Trustees,
in light of the potential misuse of number resources under NRPM section
4.1.8 (Unmet Requests), suspended issuance of number resources per NRPM
section 4.1.8.2. (Fulfilling unmet needs), and referred NRPM section
4.1.8 to the ARIN Advisory Council for their recommendation. ARIN will
complete open transactions to waiting list organizations where IPv4
addresses have already been approved pending fee payment.

5G isn’t the answer for rural broadband
https://www.theverge.com/2019/2/6/18212742/5g-broadband-replacement-att-rural-connectivity

Verizon halting 5G home deployments
https://9to5mac.com/2019/01/30/verizon-haults-5g-home-rollout/

Firmware Updates
IgniteNet –https://www.ignitenet.com/news/post/new/
UBNT – https://blog.ui.com/2019/02/04/airos-v1-1-2-for-af-5xhd-now-available/

 

Categories
BGP

NEW Service: IP Space Compliance

MTIN is announcing a new service today for those of you who have Registry assigned IP space. For the low price of $80 a year, MTIN will provide the following services in regards to your IP allocations.

  1. Make sure your whois information is correct in the proper registry (ARIN, APNIC, and others) each year.
  2. Make sure your peering db entries are correct and up-to-date
  3. Monitor your IP blocks for hijacking and other activity.
  4. Recommend any security changes needed.
  5. Setup peering sessions to Qrator for auditing purposes
  6. Monitor reverse DNS on your blocks for proper functionality

Unlimited of adding new IP blocks. The first registry or peeringdb change free each year.

If you need help setting up peering DB we can add a small setup to assist with this. contact support@mtin.net for details on this new service today.

Categories
Uncategorized

Arin changes fees for transfer requests of number resources

Beginning 1 January 2017, ARIN will collect a $300 USD, non-refundable processing fee for each transfer request of Internet number resources, including:

   * 8.2 Merger, Acquisition, and Reorganization transfers; billed to the source (or legal successor) organization.

   * 8.3 Transfers to Specified Recipients within the ARIN region, billed to the source-side organization. The Transfer processing fee is waived when the subject resources are under an existing Registration Services Plan (RSP), and no specific transfer processing fee will be charged to the recipient-side organization.

   * 8.4 Inter-RIR Transfers to Specified Recipients, a fee is billed to the source-side organization if within the ARIN region. This transfer processing fee is waived when the subject resources are under an existing Registration Services Plan (RSP).  No specific transfer processing fee will be charged to recipient-side organizations.

This fee will be invoiced to the source organization’s billing Point of Contact (POC) and are to be paid before request evaluation begins. It will replace the current $500 resource transfer fee on the existing fee schedule. https://www.arin.net/fees/fee_schedule.html

Transferred resources will be subject to annual fees as stipulated by the fee schedule, including registry maintenance fees or corresponding Registration Services Plan. Additional fees may apply based on the status of the source or recipient organization at the time of transfer.

This change arose out of a community consultation, which is available for review at:

https://arin.net/participate/acsp/community_consult/09-01-2016_transferfee.html

If you have additional questions, please contact ARIN Financial Services via Ask ARIN, while logged into your ARIN Online account.

Categories
Uncategorized

new AS numbers from IANA for ARIN

Direct from the ARIN-announce list

On 3 May 2016, the IANA issued the following AS number blocks to ARIN.

We will begin issuing AS numbers to customers from these blocks in the coming weeks.

395165-396188
396189-397212

Please contact hostmaster@arin.net or our Help Desk +1.703.227.0660 if you have any questions.

Categories
Uncategorized

Arin announces new fee schedule

https://www.arin.net/fees/2016_fee_schedule.html

Service Categories and Fees
Service Category Fee IPv4 Block Size IPv6 Block Size
3X-Small * $250 /24 or smaller /40 or smaller
2X-Small $500 Larger than /24,
up to and including /22
Larger than /40,
up to and including /36
X-Small $1,000 Larger than /22,
up to and including /20
Larger than /36,
up to and including /32
Small $2,000 Larger than /20,
up to and including /18
Larger than /32,
up to and including /28
Medium $4,000 Larger than /18,
up to and including /16
Larger than /28,
up to and including /24
Large $8,000 Larger than /16,
up to and including /14
Larger than /24,
up to and including /20
X-Large $16,000 Larger than /14,
up to and including /12
Larger than /20,
up to and including /16
2X-Large $32,000 Larger than /12,
up to and including /10
Larger than /16,
up to and including /12
3X-Large $64,000 Larger than /10,
up to and including /8
Larger than /12,
up to and including /8
4X-Large $128,000 Larger than /8,
up to and including /6
Larger than /8,
up to and including /4
5X-Large $256,000 Larger than /6 Larger than /4

 

Categories
BGP Mikrotik Networking

Quick and dirty DDoS mitigation for Mikrotik

Update: This article is not meant  to be a permanent solution.  It’s a way to stop the tidal wave of traffic you could be getting.  Many times it’s important to just get the customers up to some degree while you figure out the best course of action.  

Many of the Denial of Service (DDoS) attacks many folks see these days involve attacks coming from APNIC (Asia Pacific) IP addresses.  A trend is to open as many connections as possible and overwhelm the number of entries in the connection table. You are limited to 65,535 ports to be open.  Ports below 10000 are reserved ports, but anything above that can be used for client type connections.

 Now, Imagine you have a botnet with 10,000 computers all bearing their weight on your network.  Say you have a web-site someone doesn’t like.  If these 10,000 machines all send just 7 legitimate GET requests to your web-server you can bring, even a big router to a grinding halt.   Firewalls, due to the extra CPU they are exerting, are even more prone to these types of attacks.

So, how do you begin to mitigate this attack? By the time you are under attack you are in defensive mode.  Someone, or alot of someone’s, are at your door trying to huff and puff and blow your house down. You need to slow the tide.  One of the first things you can do is start refusing the traffic. A simple torch normally shows many of the attacking IPs, are from APNIC.  If this is the case, we enable a firewall rule that says if the IP is not sourced from the below “ARIN” address list go ahead and drop it.

add chain=forward comment="WebServer ACL" dst-address=1.2.3.4 src-address-list=!ARIN action=drop

The above rule says if our attacked host is being contacted by anything not on the “ARIN” list go ahead and drop it.

Make sure to paste this into /ip firewall address-list . These were copied off the ARIN web-site as of this writing. APNIC and other registries all have similar lists. Keep in mind, this won’t stop the traffic from coming to you, but will shield you some in order to have a somewhat functional network while you track down the issues.

Some people will say to blackhole the IP via a BGP blackhole server, but if you have production machines on the attacked host taking them offline for the entire world could be a problem.  This way, you are at least limiting who can talk to them.

add address=23.0.0.0/8 list=ARIN
add address=24.0.0.0/8 list=ARIN
add address=45.16.0.0/12 list=ARIN
add address=45.32.0.0/11 list=ARIN
add address=45.72.0.0/13 list=ARIN
add address=50.0.0.0/8 list=ARIN
add address=63.0.0.0/8 list=ARIN
add address=64.0.0.0/8 list=ARIN
add address=65.0.0.0/8 list=ARIN
add address=66.0.0.0/8 list=ARIN
add address=67.0.0.0/8 list=ARIN
add address=68.0.0.0/8 list=ARIN
add address=69.0.0.0/8 list=ARIN
add address=70.0.0.0/8 list=ARIN
add address=71.0.0.0/8 list=ARIN
add address=72.0.0.0/8 list=ARIN
add address=73.0.0.0/8 list=ARIN
add address=74.0.0.0/8 list=ARIN
add address=75.0.0.0/8 list=ARIN
add address=76.0.0.0/8 list=ARIN
add address=96.0.0.0/8 list=ARIN
add address=97.0.0.0/8 list=ARIN
add address=98.0.0.0/8 list=ARIN
add address=99.0.0.0/8 list=ARIN
add address=100.0.0.0/8 list=ARIN
add address=104.0.0.0/8 list=ARIN
add address=107.0.0.0/8 list=ARIN
add address=108.0.0.0/8 list=ARIN
add address=135.0.0.0/8 list=ARIN
add address=136.0.0.0/8 list=ARIN
add address=142.0.0.0/8 list=ARIN
add address=147.0.0.0/8 list=ARIN
add address=162.0.0.0/8 list=ARIN
add address=166.0.0.0/8 list=ARIN
add address=172.0.0.0/8 list=ARIN
add address=173.0.0.0/8 list=ARIN
add address=174.0.0.0/8 list=ARIN
add address=184.0.0.0/8 list=ARIN
add address=192.0.0.0/8 list=ARIN
add address=198.0.0.0/8 list=ARIN
add address=199.0.0.0/8 list=ARIN
add address=204.0.0.0/8 list=ARIN
add address=205.0.0.0/8 list=ARIN
add address=206.0.0.0/8 list=ARIN
add address=207.0.0.0/8 list=ARIN
add address=208.0.0.0/8 list=ARIN
add address=209.0.0.0/8 list=ARIN
add address=216.0.0.0/8 list=ARIN
Categories
BGP Networking

IP space terms to know

When you are talking about the type of assigned Public IP space you have there are a couple of terms that are handy to know.

Provider assigned (PA) space. This is space assigned by your upstream provider. These “belong” to someone you are buying services from. If you wish to advertise these via your own ASN to other providers you need a Letter of Authority (LOA) from whom these IPs are assigned to.

Provider independent (PI) is space directly assigned to you from a registry such as ARIN, RIPE,etc. These addresses “belong ” to you. You have authority over these addresses to assign them out, as long as it meets the terms set by the registry.

 

 

Categories
Networking

IPv6 Security tidbits

/127’s for point to point links (RFC 6164) instead of /64’s

New security problems with IPV6
-Extension header chains
-Packet/Header fragmentation
-Predictable fragment headers
-Atomic Fragments (RFC 6946)

Most of these type of attacks are very complicated.

Avoid EUI-64

Categories
Networking

ARIN + NANOG – IPv6 Talk

image1

Categories
Uncategorized

Buying IPv4 addresses?

The question has come up about buying IPv4 addresses from other folks once ARIN and others have run out of their allocation pool.  The biggest question is pricing.

Organizations have two options.  The can lease or sell you the IPv4 space.  Selling of IPv4 space needs some clarification.  You can’t just sell IPv4 space like you would a tangible good.  If you truly wish to sell it, as in give up all rights to it, you actually have to transfer it via the Registry.   In the U.S. we typically go through ARIN.  This means if you buy IP space from someone you still have to meet the requirements from ARIN to receive that IP space.

What are some common pricing to expect?
There are several brokers out there, but very few publish pricing on recent sales.  Since this is basically buying real estate it can be highly negotiation and sales driven. Given the current state of ARIN allocations this will only drive the price up.

One site that publishes data is ipv4marketinggroup

$12.50 per IP address for a /22
http://ipv4marketgroup.com/broker-services/buy/