Dear Akamai, you got a /32 there not a bunch of /48s - how to break Facebook and annoy lots of users

Nick Hilliard nick at foobar.org
Mon Aug 20 20:48:38 CEST 2012


On 20/08/2012 19:25, Marco d'Itri wrote:
> Because some people are trying hard to not repeat the same errors which 
> are causing the tragedy of the commons of the IPv4 DFZ.

There is no tragedy of the commons here.

The Tragedy of the Commons was a cautionary historical incident where a
small number of people abused a common resource and caused a complete,
permanent collapse of that resource.

In the case of the IPv4 DFZ, we have a commonage which is well within the
scaling bounds of equipment which has been on sale for the last 7 years,
and which looks like it will scale for several years to come.  At that
stage, normal kit retirement will come into play and the next generation of
kit will scale well beyond what's currently available, which will
accommodate expected DFZ growth for many years to come.

Even if for some reason the v6 table explodes and smashes everyone's
forwarding engines, we still then have the option of targeted filtering
because on a global scale, resource consumption will tend to follow a
Pareto distribution.  This means we can cherry pick the greatest abusers
and filter them until they sort out their broken policies (i.e. it will
hurt them more than anyone else).

All of which is to say that in the worst case, it is not feasible at
current usage growth rates that we will sustain a complete collapse of the
Internet due to unconstrained DFZ growth, even in the long term.

The sky is not falling (I checked earlier today).

Even still, let's just be sensible.  Let's do our prefix aggregation
carefully because we know that too much is bad.

> You mean, get 800 separate PI assignments from the RIRs?  What
> problem is that going to solve other than annoying the LIRs?  Would you be
> happier if Akamai announced 800 /32s instead?

But if Akamai or some other organisation has 800 publicly routed
sites, then they're going to need 800 v6 prefixes.  It is pointless to tell
them that they need to use /32 for each just to get around people's
filters.  Insisting on /32 for each site is fixing the wrong problem.

Also, please note ripe-555, section 4.

Nick


