CloudFlare IPv6 BGP announcements - WTF guys?
Brandon Butterworth
brandon at bogons.net
Mon Jul 16 22:56:00 CEST 2012
On Mon Jul 16, 2012 at 09:15:17PM +0200, Daniel Roesen wrote:
> Wether you see /32 PA more-specifics from all the CDN nodes, or PI /48s
> doesn't make a difference at all, technically.
It makes a huge differnce.
With the latter the /48's will be from a range we expect /48's
from (hopefully). With the former it's from a range we'd rather
not have to leave open to /48's. Slightly classful can be useful.
For their use it is no difference but from my view it is a huge
risk - potentially anyone can easily have accepted a more specific
for me or something important to me. I'd rather we all didn't have
to accept that, thus people are more likely to have reasonable
deagg filters. Some will just deagg crazily too given the chance
made possible by people like CloudFlare.
Keep a sensible deagg filter and CloudFlare may fix themselves
and not put anyone else at more risk.
brandon
More information about the ipv6-ops
mailing list