On Jan 22, 2008 2:11 PM, Iljitsch van Beijnum <iljitsch@muada.com> wrote:
I'm quite unhappy about the trend to put everything in their own blocks that happen to be the longest possible prefixes. This means that one oversight in prefix length filtering can take out huge numbers of important nameservers.
and you have a giant confluence of number resource management and operational practices here as well.
We really need as much diversity as we can get for this kind of stuff. There is no one single best practice for any of this.
For roots? TLD? ccTLD? (is there a potential difference between the TLD types?) Is diversity in numbers of networks and numbers of locations per entity good enough? (.iq served out of US, Iraq, AMS on 3 different netblocks by 3 different operators ideally serviced by a central controlling gov't entity... wait .iq changed... use .co as the example) Is, for lack of a quicker example: .iq 'good' or could they improve by shifting their NS hosts to blocks outside the /16 194.117.0.0/16? or does it matter at all because they have each announced as a /24 with no covering route?? (so if someone fudged a /24 max prefix length filter to /23 they'd be broken either way?) Some of this is covered in rfc2182 anyway, right? -Chris