Dear Akamai, you got a /32 there not a bunch of /48s - how to break Facebook and annoy lots of users
Gert Doering
gert at space.net
Tue Aug 21 11:20:45 CEST 2012
Hi,
On Tue, Aug 21, 2012 at 08:50:01AM +0200, Tore Anderson wrote:
> filtering. Under current RIPE policies, any back-yard LIR can get an
> IPv6 /29. That's 524288 /48s. Next consider the possibility that someone
> will fat finger and leak every single one of those into the DFZ. It will
> be very difficult to automatically distinguish between such a leak and
> your current use of /48s.
Oh, that's quite easy. Look at the route6: objects. Accidential leaks
won't have any...
(Alternatively, look at the ROAs, but those might actually be wrong - people
leaking zillions of /48s might as well click on "up to /128 is ok!" in
their ROAs...)
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
More information about the ipv6-ops
mailing list