I'm not sure that I would tar everyone who does NXDOMAIN remapping with the same brush as SPAM and DDOS. Handled the way OpenDNS does, on an opt-in basis, it's a "good thing" IMO.
I would also say that disaggregating and remarketing dark address space, assuming it's handled above board and in a way that doesn't break the 'net, could be a "very good thing". The artifact of MIT and others having /8s while the entire Indian subcontinent scrapes for /29s, can hardly be considered optimal or right. It's time for the supposedly altruistic good guys to do the right thing, and give back the resources they are not using, that are sorely needed. How about they resell it and use the money to make getting an education affordable?
The routing prefix problem, OTOH, is an artificial shortage caused by (mostly one) commercial entities maximizing their bottom line by producing products that were obviously underpowered at the time they were designed, so as to minimize component costs, and ensure users upgraded due to planned obsolescence.
Can you give me a good technical reason, in this day of 128 bit network processors that can handle 10GigE, why remapping the entire IPv4 address space into /27s and propagating all the prefixes is a real engineering problem? Especially if those end-points are relatively stable as to connectivity, the allocations are non-portable, and you aggregate.
How is fork-lifting the existing garbage for better IPv4 routers any worse than migrating to IPv6? At least with an IPv4 infrastructure overhaul, it's relatively transparent to the end user. It's not either/or anyway. Ideally you would have an IPv6 capable router that could do IPv4 without being babied as to prefix table size or update rate.
IPv4 has enough addresses for every computer on Earth, and then some.
That having been said, I think going to IPv6 has a lot of other benefits that make it worthwhile.
YMMV, IANAL, yadda yadda yadda
-----Original Message-----
From: Paul Vixie [mailto:vixie@isc.org]
Sent: Sunday, May 04, 2008 9:39 AM
To: nanog@merit.edu
Subject: Re: [NANOG] fair warning: less than 1000 days left to IPv4
nanog@daork.net (Nathan Ward) writes:
That also doesn't take into account how many /8's are being hoarded by organizations that don't need even 25% of that space.
Unless you're expecting those organisations to be really nice and make that address space available to other organisations (ie. their RIR/ LIR, or the highest bidder on ebay), ...
first, a parable:
in datacenters, it used to be that the scarce resource was rack space, but then it was connectivity, and now it's power/heat/cooling. there are fallow fields of empty racks too far from fiber routes or power grids to be filled, all because the scarcity selector has moved over time. some folks who were previously close to fiber routes and/or power grids found that they could do greenfield construction and that the customers would naturally move in, since too much older datacenter capacity was unusable by modern standards.
then, a recounting:
michael dillon asked a while back what could happen if MIT (holding 18/8) were to go into the ISP business, offering dialup and/or tunnel/VPN access, and bundling a /24 with each connection, and allowing each customer to multihome if they so chose. nobody could think of an RIR rule, or an ISP rule, or indeed anything else that could prevent this from occurring. now, i don't think that MIT would do this, since it would be a distraction for them, and they probably don't need the money, and they're good guys, anyway.
now, a prediction:
but if the bottom feeding scumsuckers who saw the opportunity now known as spam, or the ones who saw the opportunity now known as NXDOMAIN remapping, or the ones who saw the opportunity now known as DDoS for hire, realize that the next great weakness in the internet's design and protocols is explosive deaggregation by virtual shill networking, then we can expect business plans whereby well suited shysters march into MIT, and HP, and so on, offering to outsource this monetization. "you get half the money but none of the distraction, all you have to do is renumber or use NAT or IPv6, we'll do the rest." nothing in recorded human history argues against this occurring.
-- Paul Vixie