Siraj 'Sid' Rakhada
virtualsid at gmail.com
Tue Feb 8 10:55:01 CET 2011
On 08/02/2011 09:18, Gert Doering wrote:
> On Mon, Feb 07, 2011 at 07:26:59PM +0000, Brandon Butterworth wrote:
>>> there are cases where ISP networks are run by the same entity but
>>> for some or the other reason are not connected - so they have a single
>>> /32 for both [or even multiple] parts, and *need* to deaggregate...)
>> No they don't, give them extra separate space.
It's just a bit more admin on the route origin side, especially as an
RIR would have to approve each request, but that's not your problem, nor
should it be.
Brandon, should I also take it to mean you are filtering quite strictly
on the PA space ranges? So far from this thread only Bernhard Schmidt
has stated anything specific (filtering up to /36 on PA ranges). If even
just one ISP is filtering, it means the scenario I mentioned (splitting
/32 into /40s) is pointless, so now it's just academic.
> That's just playing pingpong with politics. "So the routing folks are
> not able to come up with a recommendation, so we put the pressure on
> the address policy group to come up with criteria who is allowed to
> have a second slot in the routing table (and bonus addres space that
> comes with it!) and who is not".
Well, if there is ever a proper consensus, then it would be good to have
it documented by the RIRs - as that seems to be the first place people
look - whether or not it is the correct one. :)
>> For that little convenience for a few why should the entire net be at
>> the mercy of rampant deaggregation either eating your routers or letting
>> people do more specifics of your routes, some will deagg down to whatever
>> is the limit (/48?) to protect themselves from that.
> I'm pretty sure that someone who deaggs his /32 to 65000 /48s (!) is going
> to be hanged by angry mob pretty quickly...
To be honest, in my scenario, the idea was actually to split (at most)
upto /40s, and hopefully aggregate them up to /39s or bigger, depending
on growth in certain areas. It's just thought processes at the moment.
I wouldn't want to put out a solution that deaggregated into /48s - if I
ever got forced to do that, I definitely wouldn't want my name anywhere
near it. :)
Then again, people who deaggregate large IPv4 ranges into /24s don't get
hanged by angry mobs - I don't see that changing with IPv6... Even when
they have the same AS path!
In either case, route objects would exist for all routes announced. This
is done for v4 already in our situation, so wouldn't change for v6.
BTW Gert - even though your page should not necessarily be taken
verbatim, it's the simplest to find at the moment, and it's what we can
attempt to base our ideas on, because there's no other documented policy
that I can find!
Looks like we may need to rethink this whole IPv6 addressing scheme
though, and go back to the drawing board, unless a consensus is reached
somewhere public on what should be filtered, and it's big good enough
for our scenario. The main thing is, we can do this on IPv4 PA space,
but that's because there are few rules other than a fairly universal
'filter on /24'.
Thanks for the input so far,
More information about the ipv6-ops