Network Security (global, not on your home network)

Net253 has its own ASN (autonomous system number). ASNs and BGP are how advanced (in practice, not name) ISPs talk to each other. ASNs advertise to other ISPs Hey! if you are looking for an IP in one of our ranges (netblocks), come to our ASN.

IPv4 (what we serve your home with) ran out of addresses around September 2015. Around 1994 a technology called “NAT” saved the internet and is why we still use IPv4 today. Many large companies who got early big blocks of IPv4 have been selling them off for insane profit or just returning them to ARIN for reuse. We have acquired 2,048 addresses by getting on the ARIN waitlist and waiting six months to two years for a block of addresses to be allocated to us.

Sometimes these reused addresses have lingering ASN information floating around the internet.

Recently we enabled RPKI/ROA/IRR RPSL announcements to cryptography announce “These addresses are ours and should only route to our ASN” Now that we are doing this, we are able to contact the registries and tell them to remove the stale data. All the tier-1 (top) internet carriers (folks that link Seattle to San Jose or Seattle to Salt Lake City) respect crypto signed announcements and filter out non-signed announcements.

One of our netblocks was previously used by Xerox, yes that Xerox. As you can imagine, we have had interesting conversations with other global network engineers telling them, “please delete the entry for Xerox corporation”. Now that we are crypto signing, they trust us when we state Xerox no longer has any control of the space.

If you read this far you must be curious. Go to bgp.tools, in the “Start here…”, type AS396952 and click on our prefixes. You will see they are all “locked”. This ensures we cannot get man in the middle or other malicious attacks on our network space we use to serve you.