You should be using /126 or /127 for point to point links that touch external networks unless you like extraneous NS messages and full neighbor cache tables. :)

On Tue, Jun 27, 2017 at 4:36 PM, Job Snijders <job@instituut.net> wrote:
On Tue, 27 Jun 2017 at 22:29, Krunal Shah <KShah@primustel.ca> wrote:
Hello,
What subnet mask are you people using for point to point IPs between two ASes? Especially with IPv6, we have a transit provider who wants us to use /64, which does not make sense for this purpose. Isn't it recommended to use /127 as per RFC 6164, like /30 and /31 are common for IPv4?
Yes, "longer than /64" subnets are fine for point2point. If the equipment on both sides supports RFC 6164 I'd use a /127, otherwise a /126.
I was thinking, if someone is using RFC 7404 for point to point IP between two ASes and establishes BGP over link-local addresses. This way you have your own IP space on your router and the transit provider does not have to allocate IP space for the point to point interface between two ASes. In traceroutes you would see only the loopback IP address with a GUA assigned from your allocated routable address space. A remote DDoS against this link isn't possible this way. Thoughts?
I wouldn't use link-local in the context of Inter-Domain Routing. Too hard to troubleshoot, many networks expect globally unique IP addresses for their BGP neighbors, you want to be able to call a NOC and have the IPs function as semaphore for the circuit ID.
What you could do is set aside a block which you blackhole or tarpit through ingress ACLs, and use linknets from that "globally unusable ip space". Some providers can offer you a router2router linknet from such unreachable IP space so you don't have to set it apart.
Kind regards,
Job
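
The two recommendations in this thread (/127 or /126 on inter-AS links, and linknets drawn from a block that is filtered at ingress) can be checked against an address plan. The following is an added example, not part of the thread; the documentation prefixes, the set-aside block and the link names are constructed assumptions.

```python
import ipaddress

# Constructed sample data using the 2001:db8::/32 documentation prefix.
# PROTECTED_BLOCK is a hypothetical range that ingress ACLs blackhole.
PROTECTED_BLOCK = ipaddress.ip_network("2001:db8:ffff::/48")
LINKNETS = {
    "transit-a": "2001:db8:ffff::/127",
    "transit-b": "2001:db8:ffff:1::/126",
    "transit-c": "2001:db8:10:20::/64",
}


def audit_linknet(prefix, protected=PROTECTED_BLOCK):
    """Classify one point-to-point IPv6 linknet."""
    net = ipaddress.ip_network(prefix, strict=True)
    if net.version != 6:
        raise ValueError(f"{prefix} is not an IPv6 prefix")
    # Addresses in the subnet beyond the two router endpoints. Traffic sent
    # to any of them makes the router attempt neighbor resolution, which is
    # the source of the extra NS messages and neighbor cache pressure.
    unused = net.num_addresses - 2
    if net.prefixlen == 127:
        verdict = "ok: /127 (RFC 6164)"
    elif net.prefixlen == 126:
        verdict = "ok: /126"
    else:
        verdict = f"review: /{net.prefixlen} leaves {unused} unused addresses"
    return {
        "verdict": verdict,
        "unused": unused,
        # True when the linknet sits inside the ingress-filtered block.
        "filtered": net.subnet_of(protected),
    }


def audit_all(linknets=LINKNETS):
    """Return {link name: audit result} for every linknet in the plan."""
    return {name: audit_linknet(prefix) for name, prefix in linknets.items()}


if __name__ == "__main__":
    for name, result in audit_all().items():
        print(f"{name:10} filtered={result['filtered']!s:5} {result['verdict']}")
```
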