Perhaps it is an attempt to make their address space so sparsely populated that it's close to impossible to find a host without knowing its address in the first place?
On Fri, May 16, 2008 at 1:09 PM, Jeroen Massar <jeroen@unfix.org> wrote:
Hi folks,
As everybody is a big fan of securing their networks against foreign attacks, be aware that the US DoD has been assigned 14 /22's, IPv6 that is, not IPv4, they all come from a single IPv6 /13 though, which is what they apparently asked for in the beginning, at least that was the rumor, well they got what they wanted.
I've recorded it into GRH as a single /13 though, as that is what it is, and I am not going to bother whois'ing and entering the 14 separate entries there, as that is useless, especially as they will most likely never appear in the global routing tables anyway.
Depending on your love for the US, you might want to add special rules in your network to be able to easily detect Cyber Attacks and other such things towards that address space, to be able to better serve your country, may that be the US or any other country for that matter.
I am of course wondering why ARIN gave 1 organization 14 separate /22's, even though they are recorded exactly the same, just different prefixes and netnames and it is effectively one huge /13. They could easily have been recorded as that one /13, it is not like e.g. Canada (no other countries that fall under ARIN now is there) will get a couple of the chunks of remaining space in between there. By assigning them separate /22's, they effectively are stating that it is good to fragment the address space and by having them recorded in whois, also that announcing more specifics from that /13 is just fine.
The other fun question is of course what a single organization has to do with (2^(48-13)=) 34.359.738.368, yes indeed, 34 billion /48's which cover 2.251.799.813.685.248 /64's which is a number that I can't even pronounce. According to Wikipedia the US only has a mere population of 304,080,000, that means that every US citizen can get a 1000+ /48's from their DoD, thus maybe every nuclear warhead and every bullet is getting their own /48 or something to be able to justify that amount of address space. At least this gives the opportunity to hardcode that block out of hardware if you want to avoid it being ever used by the publicly known part of the US DoD. I wouldn't mind seeing the request form that can justify this amount of address space though, must be a lot of fun.
Now back to your regular NANOG schedule....
Greets, Jeroen
(who will hide himself in a nice Swiss nuclear bunker till the flames are all gone ;)
1) http://en.wikipedia.org/wiki/United_States which points to: http://www.census.gov/population/www/popclockus.html