# ColoCrossing Makes List of Largest ARIN Free Pool IP Acquirers in 2013



## drmike (Dec 22, 2013)

So, my buddies at ColoCrossing are getting noticed in academic circles for IPV4 hoarding and abuse.

Assistant Professor, Vibhanshu Abhishek from Carnegie Mellon University in a paper titled "Context and Realities of the IPV4 Market: What Technology Leaders Need to Know" mentions ColoCrossing in a graph of the biggest IPV4 free pool accumulators for 2013.

On page 20, of the research is a graphic labeled "Table 3: 10 Largest Acquirers from ARIN Free Pool - 2013", ColoCrossing comes in seventh, trailing Microsoft and ahead of Enzu.

ColoCrossing is listed with 458,752 IPv4 Allocated through October 2013.

The full paper can be found here: http://www.kalorama.com/PageFiles/212/Context%20and%20Realities%20of%20the%20IPv4%20Market.pdf. The graph  listing ColoCrossing can be found on page 20 of the PDF.


----------



## MannDude (Dec 22, 2013)

I was under the impression they had like 7 to 10 racks across all their locations. That's a shit ton of addresses for that amount of servers.


----------



## drmike (Dec 22, 2013)

Well the locations vary.  Where it costs real cashola, stick them at 1-2 racks per location.

CC is strange though, massive 200k+ IP growth in a year and well, have you seen any new massive buildouts?  Looks like ZERO growth on servers deployed.  Yeah they lit up a rack in NJ at Choopa.  Oh did I say a rack...?  No significant growth to begin to even justify all this IPV4 allocation.


----------



## Virtovo (Dec 22, 2013)

Come IPv4 exhaustion those 458,752 become a very valuable asset.  Will be interesting to see if their business model changes at that time.


----------



## Francisco (Dec 22, 2013)

http://www.spamhaus.org/sbl/query/SBL208547

http://www.spamhaus.org/sbl/query/SBL208537

It's easy to request space when you sell an /18 to a few U's of space.

I'd love to see if they actually reported the removal of that customer to ARIN or if they simply keep the listing to ARIN.

Francisco


----------



## cubixcloud (Dec 22, 2013)

And those of us that know NRPM you must report /29 or larger via SWIP or rWHOIS.


----------



## jarland (Dec 22, 2013)

Virtovo said:


> Come IPv4 exhaustion those 458,752 become a very valuable asset. Will be interesting to see if their business model changes at that time.


We have a winner. Why else would anyone be so invested in the bottom of the barrel? Easy sales, easy justification.


----------



## vRozenSch00n (Dec 22, 2013)

Virtovo said:


> Come IPv4 exhaustion those 458,752 become a very valuable asset.  Will be interesting to see if their business model changes at that time.


So this is actually a long term investment when IPv4 is depleted.


----------



## cubixcloud (Dec 22, 2013)

It would have to be unless they can truly justify the immediate or 3 month need. I've seen other providers request multiple /17s in a matter of 3 month gap and get them and I know the requests were bs. That would be the new business model because folks talk down IPv6.

IPv6 will only work if providers start pushing it. The eye ball networks are doing more than they were few years back but not enough. It's the hosting industry that can actually force IPv6. 

Now days, when we talk to customers that are looking to build out a network for their business or upgrade, if they don't want to incorporate IPv6 capable equipment in the plan then we simply force them in a nice way.   Also, they have to select a ISP that at least realistically have a plan for IPv6.


----------



## MannDude (Dec 22, 2013)

Don't you need to show active use of 70-80% of your allocation before ARIN justifies an audit? Has ARIN ever 'revoked' IP space due to hoarding or non-justification of current space?


----------



## SkylarM (Dec 22, 2013)

MannDude said:


> Don't you need to show active use of 70-80% of your allocation before ARIN justifies an audit? Has ARIN ever 'revoked' IP space due to hoarding or non-justification of current space?


"Justifying" is simply an excel doc with a list of names and subnets, as well as any further justification for larger allocations. Not sure if they actually verify if an IP is in use via pings or anything like that.


----------



## cubixcloud (Dec 22, 2013)

You must show 80% utilization of all previous space to receive new allocations.

RFC2050.


----------



## cubixcloud (Dec 22, 2013)

MannDude said:


> Don't you need to show active use of 70-80% of your allocation before ARIN justifies an audit? Has ARIN ever 'revoked' IP space due to hoarding or non-justification of current space?


ARIN has revoked space before for fraud, spam, non-payment.


----------



## serverian (Dec 22, 2013)

IIRC, Colocrossing has over 200 racks in Buffalo and Chicago alone.


----------



## Aldryic C'boas (Dec 23, 2013)

serverian said:


> IIRC, Colocrossing has over 200 racks in Buffalo and Chicago alone.


Don't believe it unless you've seen it for yourself.  I don't see them having "200 racks", or even 100, in that little building where we picked up our gear in Buffalo - not without owning a substantial portion of the building itself.  And the chances of that?  Hah.

EDIT:  And if you think about it - look at how quick those jokers are to brag about being "big company".  Someone that interested in showing off would be wanting to give guided tours of their setup, not taking ridiculous measure to keep people from seeing it.


----------



## rds100 (Dec 23, 2013)

To me it also seems that the spinning of multiple ultracheap VPS companies under different names / hidden ownership is just a part of a big IP hoarding operation. They hoard a massive amount of IPs, then when ARIN dries out and the cost of IPs rises, all these companies will be no longer needed and the IPs can be used for more profitable things.


----------



## Virtovo (Dec 23, 2013)

Aldryic C said:


> Don't believe it unless you've seen it for yourself.  I don't see them having "200 racks", or even 100, in that little building where we picked up our gear in Buffalo - not without owning a substantial portion of the building itself.  And the chances of that?  Hah.
> 
> EDIT:  And if you think about it - look at how quick those jokers are to brag about being "big company".  Someone that interested in showing off would be wanting to give guided tours of their setup, not taking ridiculous measure to keep people from seeing it.


There was a photo some time ago that showed a build out of their Buffalo location.  It seemed to suggest around 50 racks.  Who owns the location they are in?  I think they may be bigger than some people are giving them credit for.  There are a few large companies who host with them (Dediserve, VPS6.net etc).  

Their v4 allocation is not reflective of their size however and this is where the problem lies.


----------



## Francisco (Dec 23, 2013)

Virtovo said:


> There was a photo some time ago that showed a build out of their Buffalo location.  It seemed to suggest around 50 racks.  Who owns the location they are in?  I think they may be bigger than some people are giving them credit for.  There are a few large companies who host with them (Dediserve, VPS6.net etc).
> 
> Their v4 allocation is not reflective of their size however and this is where the problem lies.


They rent from CentriLogic which owns the DC space in Buffalo. It's likely that Jon has some sort of ramp up on cabs. Probably 6 months ago Jon went on a selling run trying to offload a bunch of cabs out of Chicago. Price floating around was a cab, 20A, gig unmetered, and a */22* for ~$800/month. 2nd month free, no setup.

Francisco


----------



## Virtovo (Dec 23, 2013)

Lots of providers are helping them do so: http://www.webhostingtalk.com/showthread.php?t=1333582


----------



## scv (Dec 23, 2013)

SkylarM said:


> "Justifying" is simply an excel doc with a list of names and subnets, as well as any further justification for larger allocations. Not sure if they actually verify if an IP is in use via pings or anything like that.


They do attempt to ping and reach IPs in the spreadsheet. They may also ask for detailed information for certain customers in the list.


----------



## drmike (Dec 23, 2013)

Francisco said:


> They rent from CentriLogic which owns the DC space in Buffalo.


Centrilogic should again be noted as a datacenter operator / purchaser.

They are more known perhaps for buying Dacentec's Lenoir datacenter.


----------



## Francisco (Dec 23, 2013)

Virtovo said:


> Lots of providers are helping them do so: http://www.webhostingtalk.com/showthread.php?t=1333582


Ian is the odd one of the group. He'll fight the good fight like posting/creating the first dicussion about all the SolveDDOS/VPSAce brands but realized 15 minutes later what hand feeds him. He then pulled the thread down very quickly, replacing the title and contents with a random youtube and something else.

But yes, you have a few brands that do that. HudsonValley is their primary WHT brand now since the rest either bombed or are banned.

Francisco


----------



## drmike (Dec 23, 2013)

Francisco said:


> Ian is the odd one of the group. He'll fight the good fight like posting/creating the first dicussion about all the SolveDDOS/VPSAce brands but realized 15 minutes later what hand feeds him. He then pulled the thread down very quickly, replacing the title and contents with a random youtube and something else.
> 
> 
> But yes, you have a few brands that do that. HudsonValley is their primary WHT brand now since the rest either bombed or are banned.
> ...


What?  He created a thread and modified that?  Why in the world?


----------



## Francisco (Dec 23, 2013)

drmike said:


> What?  He created a thread and modified that?  Why in the world?


Correct.

Jarland started his own witch hunt because the Oktay created thread derailed within 3 - 4 replies.

Francisco


----------



## drmike (Dec 23, 2013)

I always thought of Oktay as a straight shooter and honest.   No one pulls a thread like that unless Uncle Jon forced the matter on them in the background.   That's disappointing.


----------



## Francisco (Dec 23, 2013)

drmike said:


> I always thought of Oktay as a straight shooter and honest.   No one pulls a thread like that unless Uncle Jon forced the matter on them in the background.   That's disappointing.


I'll play devils advocate and just figure that he didn't want to deal with a probably derailing thread.

Jarland had to battle that in his thread but some big guns came in to help keep things square.

Anyway, you can usually poke around and find CC resellers/etc that will pile on IP's to try to make a sale.

Francisco


----------



## drmike (Dec 23, 2013)

_*"Anyway, you can usually poke around and find CC resellers/etc that will pile on IP's to try to make a sale."*_

This I've noticed.  That and liberal issuance of multiple IPs on low cost VPS.


----------



## SkylarM (Dec 23, 2013)

scv said:


> They do attempt to ping and reach IPs in the spreadsheet. They may also ask for detailed information for certain customers in the list.


Yeah I know about the additional info (usually blocks /25 or larger, sometimes smaller depends on who is dealing with your ticket) wasn't sure about the rest.


----------



## serverian (Dec 23, 2013)

Francisco said:


> Ian is the odd one of the group. He'll fight the good fight like posting/creating the first dicussion about all the SolveDDOS/VPSAce brands but realized 15 minutes later what hand feeds him. He then pulled the thread down very quickly, replacing the title and contents with a random youtube and something else.
> 
> 
> But yes, you have a few brands that do that. HudsonValley is their primary WHT brand now since the rest either bombed or are banned.
> ...


Have you read that thread's comments? People turned against me because I operated multiple brands as well, posted meme pictures and shit and I figured noone is interested in that and changed the post and asked for the thread to be closed.

You know I'm on IRC all the time. Why aren't you talking to me first before saying things like "realizing what hand feeds him".

Noone is feeding me.

I have more services out of CC than with CC. I'm sure I'm not getting the best deals from them either. PM me if you want to see the invoices I paid with them.

I simply edited it because people of LET acted like jerks and missed the point of the thread.

I'm the guy who posted the weird things on LEB before drmike posted.

Your personal vendetta against CC is getting rather annoying. You are attacking everyone without single clue and I really don't appreciate it.


----------



## Francisco (Dec 23, 2013)

They'll keep getting theirs until we're settled out. To date we've still not seen a penny of our refund and I'll go to town on them just like I do hostdime.

I also have beef with spammy providers. I've made *sure* that many brands have never been able to request IP space again because they sold to spammers. In time I'll likely do the same with CC.

Your judgement on who would take interest was far from accurate either. Take a gander at how the thread went on for 5+ pages.

Lets be serious here. You were renting out a *32GB* E3 w/ 4 drives and a */25* for $130/month and you claim to not be getting good deals? Come on now, don't be silly 

EDIT - Added price.

Francisco


----------



## serverian (Dec 23, 2013)

Francisco said:


> They'll keep getting theirs until we're settled out. To date we've still not seen a penny of our refund and I'll go to town on them just like I do hostdime.
> 
> 
> I also have beef with spammy providers. I've made *sure* that many brands have never been able to request IP space again because they sold to spammers. In time I'll likely do the same with CC.
> ...


Why in the hell would I risk getting trolled there even more? That's exactly what happened on that thread I created. Have you see those kinds of comments on Jarland's thread? No? Because those people who trolled either didn't care or wanted to take their shots at me. I simply didn't want that to continue.

I'm not renting or reselling those servers. I've RTO'd them for 36 months and colocating them on the cabinet I have with them. I have a good deal on IPs, however I can count 3 more providers who sell IPs at the same pricing as well.

I'm not in any group. I don't have some secret deals with them. I *know *they do the same deals or even better ones to other LEB providers.

I'm sorry but your judgement is very weak.


----------



## serverian (Dec 23, 2013)

If you still don't believe me, here is the conversation with Harry at that day right after I posted that thread:

[22:16:11] Harry Chan: why u cause drama lol??

[22:16:26] Oktay Kilic: it's totally stupid

[22:16:37] Oktay Kilic: they were at least posting like every 15 days

[22:16:41] Oktay Kilic: now it's 5 days later

[....]

[22:20:14] Harry Chan: I just see no point in complaining if it doesn't change anything... I will if I have enough power to make a difference

[....]

[22:48:20] Oktay Kilic: the fucking thread turned against me lol

[22:49:19] Harry Chan: coz everyone knows, just doesn't want to speak out


----------



## Virtovo (Dec 23, 2013)

serverian said:


> Why in the hell would I risk getting trolled there even more? That's exactly what happened on that thread I created. Have you see those kinds of comments on Jarland's thread? No? Because those people who trolled either didn't care or wanted to take their shots at me. I simply didn't want that to continue.
> 
> I'm not renting or reselling those servers. I've RTO'd them for 36 months and colocating them on the cabinet I have with them. I have a good deal on IPs, however I can count 3 more providers who sell IPs at the same pricing as well.
> 
> ...


You seem like a good guy.  You're developing a large presence in CC so I guess you'll get a larger percentage of the CC flak.


----------



## drmike (Dec 23, 2013)

> I simply edited it because people of LET acted like jerks and missed the point of the thread.
> 
> I'm the guy who posted the weird things on LEB before drmike posted.


 Can't win @serverian. 

I missed the thread and totally see self purging a thread on LET when the mASSES over there go loco in the wrong direction or turn it into a meme party.


----------



## drmike (Dec 23, 2013)

I keep out of most of the "social" aspects of this industry...  This caught my eye:

*"[22:16:37] Oktay Kilic: they were at least posting like every 15 days"*

Who was that in reference to so I can help babysit?


----------



## serverian (Dec 23, 2013)

drmike said:


> I keep out of most of the "social" aspects of this industry...  This caught my eye:
> 
> *"[22:16:37] Oktay Kilic: they were at least posting like every 15 days"*
> 
> Who was that in reference to so I can help babysit?


I meant the VPSAce, Servermania etc. They were getting posted like every 15 days instead of every 5 days 



drmike said:


> Can't win @serverian.
> 
> I missed the thread and totally see self purging a thread on LET when the mASSES over there go loco in the wrong direction or turn it into a meme party.


It's this thread: http://lowendtalk.com/discussion/18338/devil-got-my-woman#latest

Look at it and tell me if you want to keep that thing going yourself.


----------



## drmike (Dec 23, 2013)

serverian said:


> I meant the VPSAce, Servermania etc. They were getting posted like every 15 days instead of every 5 days


Those f*cking bozos.   Unsure how Kossen, Biloh, Vial, etc. keep a straight face with "rules" while continuing to allow posts from those perps.

Glad someone SOLVED the SolveDDoS offer puzzle.

My take is ... ServerMania is partner / has interest in CC.  "Financial interest".


----------



## SkylarM (Dec 23, 2013)

drmike said:


> Those f*cking bozos.   Unsure how Kossen, Biloh, Vial, etc. keep a straight face with "rules" while continuing to allow posts from those perps.
> 
> Glad someone SOLVED the SolveDDoS offer puzzle.
> 
> My take is ... ServerMania is partner / has interest in CC.  "Financial interest".


We'll likely never know eh. Maybe that is the new line, call yourself an investor? Who knows.


----------



## drmike (Dec 23, 2013)

I've noticed folks at CC can't count right either.

What's the current policy on days between offers?  The stated time between offers?  Cause I am sure the written policy is wrong as usual.


----------



## Kris (Dec 23, 2013)

About time people are starting to notice the bigger picture, and their biggest asset.

I started mentioning it... Oh October of last year, when they had 140K IPs and a few tiny PoPs. 

When I worked at HVH (pre-CC ownership) a /26 was requested... Days later (7) /24's were registered under the HVH name. Someone noticed after getting a BlueVM with IPs assigned to HudsonValleyHost.

Policies on days between offers at their dinky site is small beans compared to the /15 + they're holding on to now. Just keep watching Vial suck up every last subnet from 172.x to 192.x.

Now that providers have to jump through hoops for a /22, perhaps you're all now starting to see their end game? Some funny rDNS going on at RLT, but that's small beans compared to CC. 

Time for a special edition of Hoarders!


----------



## drmike (Dec 23, 2013)

Oh someone noticed the RLT reverse DNS humor   Unsure what those lads are thinking with the bulk funny filled RDNS on entire ranges.  That insanity isn't going to fool anyone in an IP audit.


----------



## CVPS_Chris (Dec 23, 2013)

Hahahahahahaha god this thread is an utter joke. The OP, the post by Manndude and Dustin is beyond laughable


----------



## MannDude (Dec 23, 2013)

CVPS_Chris said:


> Hahahahahahaha god this thread is an utter joke. The OP, the post by Manndude and Dustin is beyond laughable


What did I even post? I think I simply asked a question in here, didn't make any claims.


----------



## CVPS_Chris (Dec 23, 2013)

The question you "asked" was purposly asked knowing that the answer was wrong and to let people believe what you said was correct.


----------



## MannDude (Dec 23, 2013)

CVPS_Chris said:


> The question you "asked" was purposly asked knowing that the answer was wrong and to let people believe what you said was correct.


This?



> Don't you need to show active use of 70-80% of your allocation before ARIN justifies an audit? Has ARIN ever 'revoked' IP space due to hoarding or non-justification of current space?


I'm not for sure if it's true or not, which is why it was presented in the form of a question. 

EDIT: I mean, I suppose we could all ping ARIN and have them look into it, if you want. They would know better than myself or anyone else here if everything is up to par.


----------



## drmike (Dec 23, 2013)

CVPS_Chris said:


> Hahahahahahaha god this thread is an utter joke. The OP, the post by Manndude and Dustin is beyond laughable


This thread isn't a joke.  It's just the facts, ma'am.  Don't start squirming in your Speedos  cause someone is looking at your man's stash.


----------



## drmike (Dec 23, 2013)

I do believe hosting falls under ARIN ISP regulations:



> ISP Additional Requests
> 
> ISPs must have efficiently utilized all previous allocations, and at least 80% of their most recent allocation in order to receive additional space. This includes all space reassigned to their customers.
> 
> ...


----------



## MannDude (Dec 23, 2013)

CVPS_Chris said:


> The question you "asked" was purposly asked knowing that the answer was wrong and to let people believe what you said was correct.



Oh hey, I looked it up.  https://www.arin.net/policy/nrpm.html#four24



> 4.2.4.1. Utilization percentage (80%)
> ISPs must have efficiently utilized all previous allocations and at least 80% of their most recent allocation in order to receive additional space. This includes all space reassigned to their customers. Please note that until your prior utilization is verified to meet the 80% requirement, ARIN can neither process nor approve a request for additional addresses.


So by your response I take it that CC doesn't utilize anywhere near that much of their allocation? Hmm. I suppose we should all ping ARIN to investigate further: https://www.arin.net/resources/fraud/ // https://www.arin.net/public/fraud/index.xhtml

ARIN can:



> Based on the results of our investigation, ARIN may:
> 
> 
> Reclaim any resources that were issued or transferred based on fraudulent data
> ...


Wow. Well, I know what I'm doing now after my pizza is out of the oven. Thanks.


----------



## MannDude (Dec 23, 2013)

Woah! Almost jinxed you Dr. Mike.


----------



## drmike (Dec 23, 2013)

If they fall under ISP they can request IPs six months out supply wise.  Can't see growth at CC legitimately involving the use of over 100k more  IPs in next six months.  But you know I have my bias like that and managed to master counting to large numbers beyond 10.


----------



## drmike (Dec 23, 2013)

I feel bad for CC + CVPS.   They are capable, but this IP collection schema.  Crap, the trolls online sniffed it and some academic at a prestigious university smacked lips about it...

ColoCrossing Makes List of Largest ARIN Free Pool IP Acquirers in 2013 is nearly an exact title taken from the professor's paper.  

The joke is ARIN allows this behavior and large issuance of IPs to companies that aren't utilizing prior issued ranges and that ARIN isn't reclaiming IPs when those justifying the allocation move out / on / away from CC and similar hoarding companies.

If you read the paper you will see the whole IPV6 avoidance and even some cost/value numbers when shortage hits.


----------



## cubixcloud (Dec 23, 2013)

We are in phase 3 of the countdown process and under current nrpm an ISP can only request up to 3 month supply now days.


----------



## jarland (Dec 23, 2013)

drmike said:


> I feel bad for CC + CVPS. They are capable, but this IP collection schema. Crap, the trolls online sniffed it and some academic at a prestigious university smacked lips about it...
> 
> 
> ColoCrossing Makes List of Largest ARIN Free Pool IP Acquirers in 2013 is nearly an exact title taken from the professor's paper.
> ...


ARIN has so much to deal with they probably overlook some key details. They've learned how to work the system is all.


----------



## drmike (Dec 23, 2013)

jarland said:


> ARIN has so much to deal with they probably overlook some key details. They've learned how to work the system is all.


Hell, I'll gladly audit CC's issuance and justification applications for FREE.


----------



## cubixcloud (Dec 23, 2013)

We've discussed this IPv6 avoidance on nanog and arin lists.


ARIN does a good job for what they have to work with. However, its not perfect. Each member of ARIN is expected to be good stewards of the space they are assigned.


----------



## cubixcloud (Dec 23, 2013)

Also, if you can show at least 80% assigned for all previous assignements either through SWIP or rWHOIS they will usually approve you once they do some vetting.


----------



## SkylarM (Dec 24, 2013)

drmike said:


> If they fall under ISP they can request IPs six months out supply wise.  Can't see growth at CC legitimately involving the use of over 100k more  IPs in next six months.  But you know I have my bias like that and managed to master counting to large numbers beyond 10.


Hosting providers do fall under the ISP guidelines, yes. End-user is totally different than what webhosts are providing.


 

 



CVPS_Chris said:


> The question you "asked" was purposly asked knowing that the answer was wrong and to let people believe what you said was correct.


Plenty of time to criticize posts relating to your "upstream" that you "share office space with", but not enough regarding your UGVPS company I see. Merry Christmas.


----------



## SkylarM (Dec 24, 2013)

cubixcloud said:


> Also, if you can show at least 80% assigned for all previous assignements either through SWIP or rWHOIS they will usually approve you once they do some vetting.


Only have to provide information related to your last IP allocation from ARIN. Your older allocations are *assumed* to be no different than the information you provided for it when you applied for your new block (or at least very minimal changes in allocations assigned). They ask you to give a % of utilization of all prior blocks, but no other documentation.

As an example:


Once I had my very first /22 at requirement, I had to provide information for for a  /21 to be approved

Once my /21  was at-requirement and I needed to apply for a /20, I had to provide information relating to *ONLY* my last block (being the /21) -- the /22 is assumed unchanged.

Once my /20 was at-requirement, I applied for a /19 and provided information relating to *ONLY* my last block (being the /20) - the /21 and /22 is assumed unchanged.

 




drmike said:


> The joke is ARIN allows this behavior and large issuance of IPs to companies that aren't utilizing prior issued ranges and that ARIN isn't reclaiming IPs when those justifying the allocation move out / on / away from CC and similar hoarding companies.


Unfortunately ARIN is a relatively small team with regular requests for IP space from a very large amount of providers. They DO have a policy to investigate IP requests in great detail, but these are typically reserved for some of the very-largest allocations. The entire system operates under an honor system, which it should be able to use without much incident. Some people just feel the need to abuse every situation for whatever gain they can, unfortunately.

I'd imagine when stage 4 is nearly exhausted, or sometime during stage 4, they will have more time to investigate companies they feel are cheating the system and react accordingly. Companies don't technically OWN any of the IPs ARIN gives us. We pay a membership fee to gain access to the resources. ARIN is well within their rights to take back any allocation at any time as they see fit. Unless, of course, you have legacy IP space.


----------



## Aldryic C'boas (Dec 24, 2013)

SkylarM said:


> Plenty of time to criticize posts relating to your "upstream" that you "share office space with", but not enough regarding your UGVPS company I see. Merry Christmas.


Perhaps he got tired of being the princess of the pair, and wanted to try being the shining knight for a change.  Except in this case, instead of a dramatic rescue of his lover it was more of a tragic stumble on dismount, then trying to have drunken sex with the horse.


----------



## Francisco (Dec 24, 2013)

> They DO have a policy to investigate IP requests in great detail, but these are typically reserved for some of the very-largest allocations.


Not true.

The providers I've busted have all be in the ~/19 total space range, a few a bit bigger.

Francisco


----------



## SkylarM (Dec 24, 2013)

Francisco said:


> Not true.
> 
> 
> The providers I've busted have all be in the ~/19 total space range, a few a bit bigger.
> ...


I mean regarding applying for IP space. They have a policy in place to forward and manually review all requests that request a /15 or larger iirc. I forget what the exact number is, but their stage 3 policy has something requiring some additional steps/work done on ARIN's part for a very large request.

 




Aldryic C said:


> Perhaps he got tired of being the princess of the pair, and wanted to try being the shining knight for a change.  Except in this case, instead of a dramatic rescue of his lover it was more of a tragic stumble on dismount, then trying to have drunken sex with the horse.


 

Thanks for the laugh, that's great.


----------



## Francisco (Dec 24, 2013)

ARIN requires that you sign a contract now for every allocation stating you aren't being a douchebag with them.

I'm sure ARIN has some good clauses within the contract to bitch slap you if you act up.

Anyway. When colospamming had their 20k - 40k+ IP's on spamhaus I wrote a very quick script that scraped their entire IP space for PTR records. If drmike or Curtis want some gas for their fire, it'd take just a little bit of parsing to turn it into a very solid report for ARIN.

Francisco


----------



## k0nsl (Dec 24, 2013)

If we're lucky we get to see Colocrossing in the 2014 movie “Coloncrossing — Arin, Where’s My IPs?“   :lol:


----------



## cubixcloud (Dec 24, 2013)

@SkylarM our experience has been they actually request previous allocation information and didn't assume anything.


Other providers I know had the same experience so it probably varies from the analyst to analyst handling the ticket.


----------



## SkylarM (Dec 24, 2013)

cubixcloud said:


> @SkylarM our experience has been they actually request previous allocation information and didn't assume anything.
> 
> 
> Other providers I know had the same experience so it probably varies from the analyst to analyst handling the ticket.


It wouldn't surprise me. I've done 3 requests and they've all been the same way so I just assume it's standard policy. Doesn't always have to be I suppose.


----------



## vRozenSch00n (Dec 25, 2013)

Aldryic C said:


> trying to have drunken sex with the horse.


Ha ha ha ha.... I can't stop laughing reading that phrase. You are a nasty trend setter.


----------



## kaniini (Dec 25, 2013)

The more interesting thing in that report is that Enzu and Ubiquity are also in the top 10 of hoarders.

I will be sure to bring all three up next time I talk to ARIN.


----------



## Coastercraze (Dec 25, 2013)

Francisco said:


> http://www.spamhaus.org/sbl/query/SBL208547
> 
> http://www.spamhaus.org/sbl/query/SBL208537
> 
> ...


Would you look at that, they're "resolved" now?


----------



## Francisco (Dec 25, 2013)

Coastercraze said:


> Would you look at that, they're "resolved" now?


Sweet talked I guess.

The same /18 got listed twice at 2 different times for 2 different spammers.

Blame likely got passed off as it was due to a reseller.

Francisco


----------



## serverian (Dec 25, 2013)

Found this BTW: http://www.senderbase.org/static/spam/#tab=3


----------



## DomainBop (Dec 25, 2013)

The rapid accumulation of IPv4 by some companies could easily be solved if ARIN would just listen to my suggestion and refuse new allocations of IPv4 to any provider who hasn't implemented IPv6 yet. 

_this comment was influenced a tiny little bit by my visit to LEB a few minutes ago: 0 of the last 10 providers featured on LEB offered IPv6 in their offers._..


----------



## cubixcloud (Dec 26, 2013)

serverian said:


> Found this BTW: http://www.senderbase.org/static/spam/#tab=3


There are a few providers on that list we've reached out to in order to report spam as a friendly provider and they ignored our communications period. We even had a customer try to sign up with us saying look we've got a /24 allocated to us we are good. Can you assign us one? WTH really?? :angry:

 If good providers would start dropping the providers on that list who ignore abuse issues then the Internet would be better off. But then again, that won't happen!


----------



## cubixcloud (Dec 26, 2013)

@kaniini haha.


----------



## NodePacket (Dec 26, 2013)

I've seen a couple providers that make you fill out multiple documents providing justification reasons for even a /29. I guess as the IPs get lower, people get more strict.


----------



## qps (Dec 26, 2013)

NodePacket said:


> I've seen a couple providers that make you fill out multiple documents providing justification reasons for even a /29. I guess as the IPs get lower, people get more strict.


ARIN has started asking for more documentation.  If you don't have the documentation, ARIN won't give you more addresses until you can produce it.


----------



## SkylarM (Dec 26, 2013)

NodePacket said:


> I've seen a couple providers that make you fill out multiple documents providing justification reasons for even a /29. I guess as the IPs get lower, people get more strict.


Honestly it's an easy deterrent. Spammers etc may ask for a /29 but if you ask for justification forms to be filled out they usually won't bother with all the extra effort.


----------



## SkylarM (Dec 27, 2013)

Lets add another /14 to the list shall we!

http://whois.domaintools.com/107.175.255.255


----------



## cubixcloud (Dec 27, 2013)

SkylarM said:


> Lets add another /14 to the list shall we!
> 
> http://whois.domaintools.com/107.175.255.255


Why are we adding this block?


----------



## SkylarM (Dec 27, 2013)

cubixcloud said:


> Why are we adding this block?


Because ColoCrossing JUST got it today.

a /14 is 262144 IPs.


----------



## cubixcloud (Dec 27, 2013)

Haha when I saw it on domaintools I quickly glanced at the record and just saw reg in 2005 but that was the organization not the IP block. Yep...I see it on my email also [arin-issued] list.

http://whois.arin.net/rest/org/VGS-9/nets

I wonder how does one seriously apply for a /14 and get it?


----------



## SkylarM (Dec 27, 2013)

cubixcloud said:


> Haha when I saw it on domaintools I quickly glanced at the record and just saw reg in 2005 but that was the organization not the IP block. Yep...I see it on my email also [arin-issued] list.
> 
> http://whois.arin.net/rest/org/VGS-9/nets
> 
> I wonder how does one seriously apply for a /14 and get it?


As per ARIN Stage 2 policies that carry over to Stage 3, a team of Senior Analysts are supposed to handle requests over /16's. Not sure what CC did. It likely had something to do with routing /18's to 1 dedicated server and Swipping it in the name of a spammer for the sake of the application. Unfortunate really.


----------



## cubixcloud (Dec 27, 2013)

@SkylarM SMH. Pretty sad!


----------



## rds100 (Dec 28, 2013)

Interesting, ARIN had 1.54 or 1.53 /8s left just before Xmas, and is down to 1.50 today. Seems someone has been working overtime.


----------



## ocitysolutions (Dec 28, 2013)

rds100 said:


> Interesting, ARIN had 1.54 or 1.53 /8s left just before Xmas, and is down to 1.50 today. Seems someone has been working overtime.


I noticed the same thing. Was surprised by the rapid drop.


----------



## wv-sh (Dec 28, 2013)

Last spring we signed a contract for colocation with ColoCrossing. To put it simply, we won't be increasing our footprint, nothing is wrong with the service, we just don't agree with how they appear to do business.

We were recently going through some old emails collecting copies of our old sales orders. While sorting through these emails we came across some interesting conversations that fit in well with a number of the discussions that have been taking place here on VPSBoard.

We feel these emails needed to come to light as they show deception and bad practices on their part. The emails show how lax their policies are in regards to IPv4 justification as well as how they lied to us regarding IPv6 availability. We will be glad to answer questions about the context, within reason.

Please note we have censored these documents in an effort to be anonymous. They should be read from the bottom up.

Emails regarding IPv4 justification: http://puu.sh/613yn.pdf

IPv6 Availability Part 1: http://puu.sh/613Bo.pdf

IPv6 Availability Part 2: http://puu.sh/614jp.pdf


----------



## GIANT_CRAB (Dec 28, 2013)

edward snowden pls go away.



Spoiler



we already know NSA is spying on us

anyone who uses colocrossing services are stupid


----------



## MannDude (Dec 28, 2013)

Wait, CC has IPv6 or simply completely lied about it?



> IPV4 resources are 25 cents an IP a month. Justification is reasonable. Anything like cloud, vps, vpn, etc, is
> 
> justification.


That doesn't even make sense.

Think I'm going to merge this with the "ColoCrossing Makes List of Largest ARIN Free Pool IP Acquirers in 2013 " thread though since it's mostly related to that.


----------



## drmike (Dec 28, 2013)

Welcome @wv-sh!



> "Justification is reasonable. Anything like cloud, vpn, etc. is justification"


That's not IP justification reason.


VPN for example often uses shared IP pools and not a per customer IP burn approach.Having a cloud/cluster isn't defacto blanket reason for legit IP issuance.


IP issuance/use requires an IP justification form based on ARIN standards, which are lacking.


If something can be NAT'd it should be, not ARIN rule, but common good sense./29 or greater requires SWIP of info on the range, with customer name and street address info.



> ISPs are required to apply a utilization efficiency criterion in providing address space to their customers. To this end, ISPs should have documented justification available for each reassignment. ARIN may request this justification at any time. If justification is not provided, future receipt of allocations may be impacted. In extreme cases, existing allocations may be affected.





> Reassignment information for prior allocations must show that each customer meets the 80% utilization criteria and must be available via SWIP/RWHOIS prior to your issuing them additional space.


ARIN continues to be at fault. They are allowing misuse and fraudulent allocation of IPs. ARIN needs to start auditing and reclaiming IPs.


----------



## Kris (Dec 28, 2013)

https://www.arin.net/public/fraud/index.xhtml

That is all.


----------



## Kris (Dec 28, 2013)

http://bgp.he.net/net/107.152.128.0/17#_whois

Looks like now that B2 / ServerMania is announced, they got the CC IP treatment, a /17. 

ARIN must not be too bright, then again they did use the mall as an address instead of the daycare center:



> OrgName: B2 Net Solutions Inc.
> OrgId: BNS-34
> Address: 350 Main Street
> City: Buffalo
> ...


----------



## DomainBop (Dec 28, 2013)

Kris said:


> http://bgp.he.net/net/107.152.128.0/17#_whois
> 
> Looks like now that B2 / ServerMania is announced, they got the CC IP treatment, a /17.
> 
> ARIN must not be too bright, then again they did use the mall as an address instead of the daycare center:


It's not often that you see someone who has 168,448 IPs originated and is single homed to one upstream provider.  <<sarcasm emoticon>>


----------



## ocitysolutions (Dec 28, 2013)

Should we surprised if we see CC getting a /13 within a few months?


----------



## Francisco (Dec 28, 2013)

ocitysolutions said:


> Should we surprised if we see CC getting a /13 within a few months?


Quite possible. Only host around that has been sold out for ages yet finds a use for a /13. I know they swing around some image of a room full of servers, but none of them were 4 bay servers so they weren't getting rented as VPS nodes (what would burn the most IP's legally). Granted, I'm sure spammer boxes don't need anything but a lot of BW.

If they were ever looking to be bought out then it'll be the biggest asset. No one wants a slew of old ass E3's now. Shiiit, I've been selling off complete E3's for $500/ea.

Francisco


----------



## rds100 (Dec 28, 2013)

There is not much time left to do it. Arin was at the 2.00 /8s left mark on the first of August. It took 5 months to burn 0.50 /8s, so i'd say this game ends on 1st of June or sooner - i.e. then Arin will have only one /8 left and should stop handing out big allocations.


----------



## Francisco (Dec 28, 2013)

rds100 said:


> There is not much time left to do it. Arin was at the 2.00 /8s left mark on the first of August. It took 5 months to burn 0.50 /8s, so i'd say this game ends on 1st of June or sooner - i.e. then Arin will have only one /8 left and should stop handing out big allocations.


Not should, will. Rules kick in limiting subnets to a single /22 per provider if they have an ipv6 game plan.

Francisco


----------



## SkylarM (Dec 28, 2013)

Kris said:


> http://bgp.he.net/net/107.152.128.0/17#_whois
> 
> Looks like now that B2 / ServerMania is announced, they got the CC IP treatment, a /17.
> 
> ARIN must not be too bright, then again they did use the mall as an address instead of the daycare center:


Wait what the hell. Since when does a company that can apply for their own IP allocations, and HAS their own IP allocations continue to need IPs from their upstream? Doesn't look fishy at all. Nope. Not at all.


----------

