Internet Safety

Our ideal is realize the safe Internet. We think that any network operators has a responsibility to improve the problems of the Internet. Therefore the following measures were implemented in our network.

1. Antispoofing

We have implemented Ingress Filtering by uRPF based on BCP38(RFC2827) and BCP84(RFC3704). It is enforced to any users of Experimental Connectivity Services.

  • Single homed customer : uRPF strict mode policy
  • Multi homed customer : uRPF loose mode policy

2. Filtering

For transit or private peer connection, we have implemented route filters for both directions which recommended in extension of the JANOG comment 1000/1006.

JANOG Comment (japanease only): https://www.janog.gr.jp/doc/janog-comment/

For customer peer connection, we have implemented Prefix and AS-Path based route filter for inbound routes.

3. Database registration

We maintain IRR objects in timely manner.
The route objects and as-set object(AS-HOMENOC) is registered in RADB and JPIRR.

We requires IRR registration if customers wants to use their PI addresses. We checks IRR records periodically to avoid unfair use.

We also maintain whois records in timely manner.

4. RPKI

We have registered ROA objects to RPKI systems which provided by JPNIC.

  • Registered ROA objects
    • 2403:bd80::/32-48 (AS59105)
    • 103.48.31.0/24 (AS59105)
    • 103.202.216.0./23-24 (AS59105)
    • 103.247.181.0/24 (AS59105)

Our backbone router refers the ROA cache server which provided by JPNIC and Internet Multifeed and executes Route origin validation.
When router founds any routes which invalidated in Route origin validation process, Local Preference of the route will be set to lower value than other routes.