Subject: RE: Another LTE network turns up as IPv4-only squat space + NAT Date: Wed, Jul 18, 2012 at 10:36:31PM -0400 Quoting Chuck Church (chuckchurch@gmail.com):
I disagree. I see it as an extra layer of security. If DOD had a network with address space 'X', obviously it's not advertised to the outside. It never interacts with public network. Having it duplicated on the outside world adds an extra layer of complexity to a hacker trying to access it. It's not a be-all/end-all, but it's a plus. A hacker who's partially in the network may try to access network 'X', but it routes to the outside world, tripping IDSs...
Then DoD should go for using something like the v6 documentation prefix or similar. It both is in many peoples filters and (as referenced here recently) is being used for stuff that "never" (promise! or at least not until we change our minds) is going to need connectivity. I do not see DoD handing back its allocations in the name of promoting unreachability by swapping it for reusable space.. It probably values the uniqueness property of allocated space too much. And rightly so. No, reusing somebody's prefix is A Very Bad Idea. I'm having a very hard time believing the alleged "ok" is anything but cheap talk. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 The Osmonds! You are all Osmonds!! Throwing up on a freeway at dawn!!!