If someone owns their own /20 which they received from Arin back in the day and they want to subnet and use part of it (/24) in Europe. Would their be any problems if the wanted to advertise the North American issued space from a European AS? I know they would not be good Internet citizen, but if they needed to do this for a temp basis does anyone see an issue? Thanks, Rick
On 27 Aug 2004, at 08:13, Rick Lowery wrote:
There should be no technical problem due to the origins of the numbers. There might be a problem with some operators filtering out the /24 if it's allocated from a block with consistent /20 allocation boundaries. However, if it's an old allocation this is not necessarily going to be the case (and many people are not that enthusiastic about allocation boundary filtering anyway). If you poke around on www.arin.net you should find summaries by /8 for the longest allocation within each block. The paragraph above is only a concern if your specific /20 lives in a /8 where the longest allocation made by ARIN has a mask length less than 24 bits.
I know they would not be good Internet citizen, but if they needed to do this for a temp basis does anyone see an issue?
There's not much bad citizenry in what you are suggesting: the assigning-RIR problem is a non-problem, and your two sites are still only going to originate one prefix each (which they would presumably do even if you had a separate LIR assignment for the European node). Joe
On Aug 27, 2004, at 8:58 AM, Joe Abley wrote:
On 27 Aug 2004, at 08:13, Rick Lowery wrote:
There is zero "bad citizenry" in this, and don't let anyone tell you differently. It is your netblock, you get to use it as needed. This is much better than getting another /20 for an EU site that only needs a /24. Also, filtering will not be an issue, if you are careful. Anyone who does not hear the /24 will hear the /20. Packets for the /24 will go to your US upstream. As long as your US upstream peers with your EU upstream, and does not filter the /24 being announced over that peering link, they will send the bits where they belong. Since this is much more common than the alternative, you will likely have full connectivity. Anyone knows who filters these days? Sprint stopped when Sean left. Verio stopped when Randy left. I don't know anyone beating that drum any more. (Kinda nice, actually.) I've heard some Asian ISPs do, but don't remember who. -- TTFN, patrick
On Fri, Aug 27, 2004 at 11:16:40AM -0400, Patrick W Gilmore wrote:
Verio filtering had nothing to do with Randy leaving. -- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
[copius snips] On Fri, Aug 27, 2004 at 11:16:40AM -0400, Patrick W Gilmore wrote:
Registering everything appropriately in the IRR will help prevent things from smelling fishy.
Well, for something short term it is even less complex to get provider-allocated space. That is, you can plan the non-temporary long-term around your PI space and have a clean transition out of PA space. Depending on your needs -and the provider's policies- that might be the least-disruptive path for your traffic.
Good advice in general for anyone concerned with more-specifics. Reachability (and more forgiving damening) over long dstances is most assured by making sure you are sourcing your least-specific. Lots of networks trade more-specifics for better geographical dispersion, but don't expect them to propagate further than those who agree to do so.
Lots of folks; manually though? Few. Be sure your data is accurate in [a trusted limb of] the IRR and it should be a non-issue.
Sprint stopped when Sean left. Verio stopped when Randy left.
Tying these policies to individuals is incorrect. Sprint, NTT/Verio and others have slid their filter windows over time, roughly in step with RIR allocation boundaries. For example, as recently as April of this year Verio was using /22 in classical A and B space. The baseline expectation that the DFZ carries rechability data and any more-specific data of interest is exchanged between parties who want it, request it, or pay for it still holds true. "Being conservative in what you send" also applies to anticipating *others* not being "liberal in what they receive". Joe -- RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
On Mon, Aug 30, 2004 at 07:24:11PM -0400, Joe Provo wrote:
But only then. Only IRRs where the IP address allocation is tied together with route registration protection, IRR route registration data is trustable "enough" for filtering purposes. As far as I know, this is the case only for the RIPE database today. What can I trust RADB when everyone (with access) can add arbitrary route objects for netblocks they don't own? This helps only (at best) against fat-finger-jobs. Regards, Daniel
participants (9)
-
babylon@egenius.org -
Daniel Roesen -
Jared Mauch -
Joe Abley -
Joe Provo -
Nils Ketelsen -
Patrick W Gilmore -
Randy Bush -
Rick Lowery