On 1/20/21 9:58 AM, j k wrote:
My question becomes, what level of risk are these companies taking on by using the DoD ranges on their internal networks? And have they quantified the costs of this outage against moving to IPv6?
Honestly I can't think of much unless maybe they're a defense contractor that would potentially end up with DoD ranges (non-isolated/classified networks) in their view of the global routing table. Appropriately treating it like "my networks" and/or RFC1918 in your routing policies (not exporting it, not accepting routes for it, etc.) would be required to properly ensure network stability of course. Some OSes treat RFC1918 space as inherently "special" (extra trusted, etc.) and wouldn't treat the DoD ranges as such, but those behaviors are typically undesirable or at least not relied on on a network of that scale, anyway. Not that I'd recommend it. -- Brandon Martin