1/8 and 27/8 allocated to APNIC
Hi, The IANA IPv4 registry has been updated to reflect the allocation of two /8 IPv4 blocks to APNIC in January 2010: 1/8 and 27/8. You can find the IANA IPv4 registry at: http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.txt Please update your filters as appropriate. The IANA free pool contains 24 unallocated unicast IPv4 /8s. Regards, Leo Vegoda Number Resources Manager, IANA ICANN
Having 1/8 allocated cannot be a blessing... There must be thousands of underskilled in the wild with stuff configured for 1/8. It's like a magnet for unwanted noise traffic. -Tim -----Original Message----- From: Leo Vegoda [mailto:leo.vegoda@icann.org] Sent: Thursday, January 21, 2010 6:37 PM To: Leo Vegoda Subject: 1/8 and 27/8 allocated to APNIC Hi, The IANA IPv4 registry has been updated to reflect the allocation of two /8 IPv4 blocks to APNIC in January 2010: 1/8 and 27/8. You can find the IANA IPv4 registry at: http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xm l http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xm l http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.tx t Please update your filters as appropriate. The IANA free pool contains 24 unallocated unicast IPv4 /8s. Regards, Leo Vegoda Number Resources Manager, IANA ICANN ***************************************************************** This message has originated from R. L. Polk & Co., 26955 Northwestern Highway, Southfield, MI 48033. R. L. Polk & Co. sends various types of email communications. If this email message concerns the potential licensing of a Polk product or service, and you do not wish to receive further emails regarding Polk products, forward this email to Do_Not_Send@polk.com with the word "remove" in the subject line. The email and any files transmitted with it are confidential and intended solely for the individual or entity to whom they are addressed. If you have received this email in error, please delete this message and notify the Polk System Administrator at postmaster@polk.com. *****************************************************************
Who said the water at the bottom of the barrel of IPv4 addresses will be very pure? We ARE running out and the global pain is increasing. - Alain. On 1/21/10 6:47 PM, "Bulger, Tim" <Tim_Bulger@polk.com> wrote:
Having 1/8 allocated cannot be a blessing... There must be thousands of underskilled in the wild with stuff configured for 1/8. It's like a magnet for unwanted noise traffic.
-Tim
-----Original Message----- From: Leo Vegoda [mailto:leo.vegoda@icann.org] Sent: Thursday, January 21, 2010 6:37 PM To: Leo Vegoda Subject: 1/8 and 27/8 allocated to APNIC
Hi,
The IANA IPv4 registry has been updated to reflect the allocation of two /8 IPv4 blocks to APNIC in January 2010: 1/8 and 27/8. You can find the IANA IPv4 registry at:
http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xm l http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xm l http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.tx t
Please update your filters as appropriate.
The IANA free pool contains 24 unallocated unicast IPv4 /8s.
Regards,
Leo Vegoda Number Resources Manager, IANA ICANN ***************************************************************** This message has originated from R. L. Polk & Co., 26955 Northwestern Highway, Southfield, MI 48033. R. L. Polk & Co. sends various types of email communications. If this email message concerns the potential licensing of a Polk product or service, and you do not wish to receive further emails regarding Polk products, forward this email to Do_Not_Send@polk.com with the word "remove" in the subject line.
The email and any files transmitted with it are confidential and intended solely for the individual or entity to whom they are addressed.
If you have received this email in error, please delete this message and notify the Polk System Administrator at postmaster@polk.com. *****************************************************************
----- Original message -----
Who said the water at the bottom of the barrel of IPv4 addresses will be very pure? We ARE running out and the global pain is increasing.
+1 - Cameron
- Alain.
On 1/21/10 6:47 PM, "Bulger, Tim" <Tim_Bulger@polk.com> wrote:
Having 1/8 allocated cannot be a blessing... There must be thousands of underskilled in the wild with stuff configured for 1/8. It's like a magnet for unwanted noise traffic.
-Tim
-----Original Message----- From: Leo Vegoda [mailto:leo.vegoda@icann.org] Sent: Thursday, January 21, 2010 6:37 PM To: Leo Vegoda Subject: 1/8 and 27/8 allocated to APNIC
Hi,
The IANA IPv4 registry has been updated to reflect the allocation of two /8 IPv4 blocks to APNIC in January 2010: 1/8 and 27/8. You can find the IANA IPv4 registry at:
http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xm l http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xm l http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.tx t
Please update your filters as appropriate.
The IANA free pool contains 24 unallocated unicast IPv4 /8s.
Regards,
Leo Vegoda Number Resources Manager, IANA ICANN ***************************************************************** This message has originated from R. L. Polk & Co., 26955 Northwestern Highway, Southfield, MI 48033. R. L. Polk & Co. sends various types of email communications. If this email message concerns the potential licensing of a Polk product or service, and you do not wish to receive further emails regarding Polk products, forward this email to Do_Not_Send@polk.com with the word "remove" in the subject line.
The email and any files transmitted with it are confidential and intended solely for the individual or entity to whom they are addressed.
If you have received this email in error, please delete this message and notify the Polk System Administrator at postmaster@polk.com. *****************************************************************
-----Original Message----- From: Durand, Alain [mailto:alain_durand@cable.comcast.com] Sent: Thursday, January 21, 2010 3:58 PM To: Bulger, Tim; nanog@nanog.org Subject: Re: 1/8 and 27/8 allocated to APNIC
Who said the water at the bottom of the barrel of IPv4 addresses will be very pure? We ARE running out and the global pain is increasing.
- Alain.
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
On Thu, 21 Jan 2010, George Bonser wrote:
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
The whole /8 should be fun. http://en.wikipedia.org/wiki/AnoNet To avoid addressing conflict with the internet itself, the range 1.0.0.0/8 is used. This is to avoid conflicting with internal networks such as 10/8, 172.16/12 and 192.168/16, as well as assigned Internet ranges. In the event that 1.0.0.0/8 is assigned by IANA, anoNet could move to the next unassigned /8, though such an event is unlikely, as 1.0.0.0/8 has been reserved since September 1981. I thought there was some other group that had been squatting in 1/8, something about radio and peer to peer...but not AnoNet (at least that name was totally unfamiliar)...but this was all I could find with a quick google. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Jan 21, 2010, at 5:22 PM, Jon Lewis wrote:
In the event that 1.0.0.0/8 is assigned by IANA, anoNet could move to the next unassigned /8, though such an event is unlikely, as 1.0.0.0/8 has been reserved since September 1981.
Sounds like a non-winning strategy to me. It's just a (random) matter of time until they get to do the same thing again, see: http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
I thought there was some other group that had been squatting in 1/8, something about radio and peer to peer...but not AnoNet (at least that name was totally unfamiliar)...but this was all I could find with a quick google.
There are other folks who are playing Russian Roulette, e.g. http://en.wikipedia.org/wiki/Hamachi. Lots of "fun" in store for us in the future. Might think about moving to IPv6... :-) Regards, -drc
On 22/01/10 01:22, Jon Lewis wrote:
On Thu, 21 Jan 2010, George Bonser wrote:
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
The whole /8 should be fun.
http://en.wikipedia.org/wiki/AnoNet
To avoid addressing conflict with the internet itself, the range 1.0.0.0/8 is used. This is to avoid conflicting with internal networks such as 10/8, 172.16/12 and 192.168/16, as well as assigned Internet ranges. In the event that 1.0.0.0/8 is assigned by IANA, anoNet could move to the next unassigned /8, though such an event is unlikely, as 1.0.0.0/8 has been reserved since September 1981.
I thought there was some other group that had been squatting in 1/8, something about radio and peer to peer...but not AnoNet (at least that name was totally unfamiliar)...but this was all I could find with a quick google.
This? http://lists.arin.net/pipermail/arin-ppml/2003-May/001628.html -- Neil
On Fri, 22 Jan 2010, Neil Harris wrote:
I thought there was some other group that had been squatting in 1/8, something about radio and peer to peer...but not AnoNet (at least that name was totally unfamiliar)...but this was all I could find with a quick google.
This?
http://lists.arin.net/pipermail/arin-ppml/2003-May/001628.html
Yeah...that's the one. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Thu, Jan 21, 2010 at 08:22:57PM -0500, Jon Lewis wrote:
On Thu, 21 Jan 2010, George Bonser wrote:
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
The whole /8 should be fun.
http://en.wikipedia.org/wiki/AnoNet
To avoid addressing conflict with the internet itself, the range 1.0.0.0/8 is used. This is to avoid conflicting with internal networks such as 10/8, 172.16/12 and 192.168/16, as well as assigned Internet ranges. In the event that 1.0.0.0/8 is assigned by IANA, anoNet could move to the next unassigned /8, though such an event is unlikely, as 1.0.0.0/8 has been reserved since September 1981.
I thought there was some other group that had been squatting in 1/8, something about radio and peer to peer...but not AnoNet (at least that name was totally unfamiliar)...but this was all I could find with a quick google.
Yeah, they're not the only bunch of idiots who think that "unallocated" means "free for all". I'm reliably informed that Hamachi uses 5/8 (for the same reasons as this AnoNet bunch). There's probably others out there. Fun times ahead for moron-fac^Wcustomer-facing support personnel. - Matt
On Thu, Jan 21, 2010 at 05:13:39PM -0800, George Bonser wrote: [snip]
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
Yeah, I encountered some lovely wireless hotspots that use "visit http://1.1.1.1/ to log out". Seem some vendors encourage the behavior: http://www.cisco.com/en/US/docs/wireless/controller/4.1/configuration/guide/... (as propagated by 'amerispot.com', 'vhotspot.com.au', and some vendor I forget who does a lot of marine 802.11<->sat NAT service). -- RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
On Jan 21, 2010, at 9:40 PM, Joe Provo wrote:
On Thu, Jan 21, 2010 at 05:13:39PM -0800, George Bonser wrote: [snip]
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
Yeah, I encountered some lovely wireless hotspots that use "visit http://1.1.1.1/ to log out". Seem some vendors encourage the behavior: http://www.cisco.com/en/US/docs/wireless/controller/4.1/configuration/guide/... (as propagated by 'amerispot.com', 'vhotspot.com.au', and some vendor I forget who does a lot of marine 802.11<->sat NAT service).
My guess is there may actually be some liability that resides with Cisco in this regard in producing defective equipment on purpose. - Jared
On Thu, Jan 21, 2010 at 5:13 PM, George Bonser <gbonser@seven.com> wrote:
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
I'd guess that 1.1.1.1 and 2.2.2.2 are probably much more widely used. At least 1.1.1.0/24 should be reserved by IANA or somebody. -- ---- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.
Bill Stewart wrote:
On Thu, Jan 21, 2010 at 5:13 PM, George Bonser <gbonser@seven.com> wrote:
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
I'd guess that 1.1.1.1 and 2.2.2.2 are probably much more widely used. At least 1.1.1.0/24 should be reserved by IANA or somebody.
I agree that 1/8 was probably about the *last* that should have been allocated. It's particularly frustrating that they made two assignments at the same time, but not to adjacent routing blocks.... Also, 27/8 is clearly in the middle of a group of North American military assignments. So at the very least, these aren't very CIDR'ish. Why not 36 & 37?
On 01/22/2010 02:54 PM, William Allen Simpson wrote:
Why not 36 & 37?
please refer to http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/ cheers, raoul -- ____________________________________________________________________ DI (FH) Raoul Bhatia M.Sc. email. r.bhatia@ipax.at Technischer Leiter IPAX - Aloy Bhatia Hava OEG web. http://www.ipax.at Barawitzkagasse 10/2/2/11 email. office@ipax.at 1190 Wien tel. +43 1 3670030 FN 277995t HG Wien fax. +43 1 3670030 15 ____________________________________________________________________
On Fri, Jan 22, 2010 at 08:54:37AM -0500, William Allen Simpson <william.allen.simpson@gmail.com> wrote a message of 20 lines which said:
I agree that 1/8 was probably about the *last* that should have been allocated. It's particularly frustrating that they made two assignments at the same time, but not to adjacent routing blocks....
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
* William Allen Simpson:
Bill Stewart wrote:
On Thu, Jan 21, 2010 at 5:13 PM, George Bonser <gbonser@seven.com> wrote:
Some of that water is dirtier than the rest. I wouldn't want to be the person who gets 1.2.3.0/24
I'd guess that 1.1.1.1 and 2.2.2.2 are probably much more widely used. At least 1.1.1.0/24 should be reserved by IANA or somebody.
I agree that 1/8 was probably about the *last* that should have been allocated.
It's probably better to decouple the pain of taking 1/8 and 2/8 into production from the general pain of running out in ernest (assuming that we ever enter an age where IP addresses are a scarce resource). -- Florian Weimer <fweimer@bfk.de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
On 22/01/2010 13:54, William Allen Simpson wrote:
Also, 27/8 is clearly in the middle of a group of North American military assignments. So at the very least, these aren't very CIDR'ish.
Is that operationally relevant to the /8 assignment process?
Why not 36 & 37?
Random selection to ensure that no RIR can accuse IANA of bias. See David's previous post: http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/ Nick
Nick Hilliard wrote:
On 22/01/2010 13:54, William Allen Simpson wrote:
Why not 36 & 37?
Random selection to ensure that no RIR can accuse IANA of bias. See David's previous post:
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
Because relying on a blog post for policy really meets everybody's definition of rationality.... :-( If you're assigning 2 at the same time, they should be adjacent. The dribbles here and there policy never was particularly satisfying, because it assumes that this was all temporary until the widespread deployment of IPv6.
On Fri, Jan 22, 2010 at 10:16:12AM -0500, William Allen Simpson <william.allen.simpson@gmail.com> wrote a message of 17 lines which said:
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
Because relying on a blog post for policy
I'm fairly certain that it is because the ICANN staff can post on its own blog at will while creating a "real" policy and publishing it on the official Web site requires five years, the (paid) advice of ten lawyers and the signature of five vice-presidents.
To echo and earlier post, what's the operational importance of assigning adjacent /8s? Are you hoping to aggregate them into a /7? --Richard On Fri, Jan 22, 2010 at 10:16 AM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Nick Hilliard wrote:
On 22/01/2010 13:54, William Allen Simpson wrote:
Why not 36 & 37?
Random selection to ensure that no RIR can accuse IANA of bias. See David's previous post:
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
Because relying on a blog post for policy really meets everybody's definition of rationality.... :-(
If you're assigning 2 at the same time, they should be adjacent.
The dribbles here and there policy never was particularly satisfying, because it assumes that this was all temporary until the widespread deployment of IPv6.
Just to be technically correct: Even if you could, you wouldn't do that with 1/8 and 2/8: will need to pair up 2/8 with 3/8! On Fri, Jan 22, 2010 at 8:30 PM, Richard Barnes <richard.barnes@gmail.com>wrote:
To echo and earlier post, what's the operational importance of assigning adjacent /8s? Are you hoping to aggregate them into a /7? --Richard
On Fri, Jan 22, 2010 at 10:16 AM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Nick Hilliard wrote:
On 22/01/2010 13:54, William Allen Simpson wrote:
Why not 36 & 37?
Random selection to ensure that no RIR can accuse IANA of bias. See David's previous post:
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
Because relying on a blog post for policy really meets everybody's definition of rationality.... :-(
If you're assigning 2 at the same time, they should be adjacent.
The dribbles here and there policy never was particularly satisfying, because it assumes that this was all temporary until the widespread deployment of IPv6.
In the absence of global policy on this matter, the RIRs and IANA try to work together in the tradition of the Internet in order to keep things running as smoothly as possible. This is a *feature* not a bug. If you want formal policy in this area, it's very easy to submit a proposal for global number policy to each of the RIRs and that will produce the desired result. One should be realistic about the time requirements to produce uniform global policy; it looks to take about 12 to 18 months from policy initiation to global adoption at present. /John On Jan 22, 2010, at 10:16 AM, William Allen Simpson wrote:
Nick Hilliard wrote:
On 22/01/2010 13:54, William Allen Simpson wrote:
Why not 36 & 37? Random selection to ensure that no RIR can accuse IANA of bias. See David's previous post: http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/ Because relying on a blog post for policy really meets everybody's definition of rationality.... :-(
If you're assigning 2 at the same time, they should be adjacent.
The dribbles here and there policy never was particularly satisfying, because it assumes that this was all temporary until the widespread deployment of IPv6.
On 22/01/2010 15:16, William Allen Simpson wrote:
Because relying on a blog post for policy really meets everybody's definition of rationality.... :-(
What works then? What happened to rough consensus and running code?
If you're assigning 2 at the same time, they should be adjacent.
The dribbles here and there policy never was particularly satisfying, because it assumes that this was all temporary until the widespread deployment of IPv6.
I don't get where you're coming from here. I can see that there is a (very minor) aesthetic reason to assign adjacent /8s to a RIR. But operationally, I really can't see any other reason. Someone else mentioned that we are now scraping the bottom of the ipv4 barrel. As of two days ago, there were quantifiable problems associated with 13 out of the 26 remaining /8s. 12 of these are known to be used to one extent or another on internet connected networks, and are seen as source addresses on various end-points around the place. One of them (223/8) has rfc-3330 issues (although later fixed in 5735). So, the issue for IANA is how to allocate these /8s in a way which is demonstrably unbiased towards any particular RIR. The solution which they've agreed on with the RIRs looks unbiassed, unpredictable in advance, calculable in retrospect and best of all, it's not open to abuse. And while Chuck Norris could probably predict the footsie, the djia and the hang-seng weeks in advance, this sort of prognostication appears to be beyond the capabilities of ICANN, IANA and the RIRs. At least if it isn't, no-one's saying anything. Do you have a better suggestion about how to allocate tainted address space in a way that is going to ensure that the organisations at the receiving end aren't going to accuse you of bias? Nick
Nick Hilliard wrote: Someone else mentioned that we are now scraping the bottom of the ipv4 barrel. As of two days ago, there were quantifiable problems associated with 13 out of the 26 remaining /8s. 12 of these are known to be used to one extent or another on internet connected networks, and are seen as source addresses on various end-points around the place. One of them (223/8) has rfc-3330 issues (although later fixed in 5735). So, the issue for IANA is how to allocate these /8s in a way which is demonstrably unbiased towards any particular RIR. The solution which they've agreed on with the RIRs looks unbiassed, unpredictable in advance, calculable in retrospect and best of all, it's not open to abuse. And while Chuck Norris could probably predict the footsie, the djia and the hang-seng weeks in advance, this sort of prognostication appears to be beyond the capabilities of ICANN, IANA and the RIRs. At least if it isn't, no-one's saying anything. Do you have a better suggestion about how to allocate tainted address space in a way that is going to ensure that the organisations at the receiving end aren't going to accuse you of bias? My response: The granularity of allocations is arbitrary, and when scraping the bottom of the barrel, where there are known problems, it may time to get more granular. There's really no difference in managing a handful of /N's rather than /8's, if N is not that much bigger than 8. The granularity boundary probably should stay around or above the biggest assignments a given RIR is expected to make, or has made. So, if the tainted *portions* of problem /8's are set aside, you end up with sets of varying sizes of /N. E.g. if there is one /24 that is a problem, you set that aside, and end up with a set that consists of one each of /9 through /24. Even if you set aside a /16, you get a set which is /9, /10, /11, /12, /13, /14, /15, and /16.
From a documentation and allocation perspective, you could even treat that as giving the whole of the /8 to the RIR, and having them give back (assign) the problem chunk to IANA.
Do this for the 13 problem /8's, and then group the resulting untainted sets and give them out. Give them out according to the needs of the RIRs, and the larger community will consider it fair. No one will think badly of giving the /9's to one of the big 3 (APNIC, ARIN, or RIPE), and the smaller ones to the other RIRs, I'm sure. As long as there are no tainted portions assigned to the RIRs, I don't see how this could be a problem. Brian
On 22 Jan 2010, at 8:32, Brian Dickson wrote: [...]
The granularity of allocations is arbitrary, and when scraping the bottom of the barrel, where there are known problems, it may time to get more granular.
There's really no difference in managing a handful of /N's rather than /8's, if N is not that much bigger than 8.
You need to change the global policy to do that. ICANN staff cannot allocate anything more specific than a /8 right now because the policy requires IPv4 allocations to the RIRs be in /8 units. http://www.icann.org/en/general/allocation-IPv4-rirs.html Regards, Leo
Would it make sense for the RIRs to just carve out the bad parts of the blocks, instead of IANA? Under current policy, would reserving "bad" bits make it more difficult for an RIR to get additional allocations? --Richard On Fri, Jan 22, 2010 at 11:56 AM, Leo Vegoda <leo.vegoda@icann.org> wrote:
On 22 Jan 2010, at 8:32, Brian Dickson wrote:
[...]
The granularity of allocations is arbitrary, and when scraping the bottom of the barrel, where there are known problems, it may time to get more granular.
There's really no difference in managing a handful of /N's rather than /8's, if N is not that much bigger than 8.
You need to change the global policy to do that. ICANN staff cannot allocate anything more specific than a /8 right now because the policy requires IPv4 allocations to the RIRs be in /8 units.
http://www.icann.org/en/general/allocation-IPv4-rirs.html
Regards,
Leo
On Jan 22, 2010, at 9:52 AM, Richard Barnes wrote:
Would it make sense for the RIRs to just carve out the bad parts of the blocks, instead of IANA? Under current policy, would reserving "bad" bits make it more difficult for an RIR to get additional allocations?
Under existing policies, there is no way for IANA to carve out pieces of address blocks. The /8s with pieces carved out of them by the IETF are/will be allocated to RIRs with an understanding that the RIRs aren't supposed to allocate the IETF-designated reserved chunks (which, presumably, they won't). Regards, -drc
In a message written on Fri, Jan 22, 2010 at 12:32:30PM -0400, Brian Dickson wrote:
So, if the tainted *portions* of problem /8's are set aside, you end up with sets of varying sizes of /N. E.g. if there is one /24 that is a problem, you set that aside, and end up with a set that consists of one each of /9 through /24. Even if you set aside a /16, you get a set which is /9, /10, /11, /12, /13, /14, /15, and /16.
If the tainted portions were going to be set aside, it makes much more sense to me that they be set aside at the RIR level and simply not be counted against the RIR when they go back to IANA for more. It makes the bookkeeping much simpler. When you go to IANA's web site 1/8 went to an RIR. You can look there to find the few /24's that couldn't be given out. The alternative is to blow up the IANA allocation list by several orders of magnitude, for no good reason. Really though, we need the squatters to feel pain. They are the ones in the wrong. Unfortunately who ever receives the allocations will also feel pain. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
On 22/01/2010 16:32, Brian Dickson wrote:
So, if the tainted *portions* of problem /8's are set aside
What portion of 1/8 is untainted? Or any other /8 that the IANA has identified as having problems? How do you measure it? How do you ensure that other /8s which don't _appear_ to have problems really don't have problems due to invisible use? And if you set aside say, the bits that WIANA or some other organisation has delegated to its stakeholders, are you implicitly acknowledging that they are a legitimate ICANN accredited RIR? Or if some large corporation starts reselling CPE gear which uses IANA-unallocated space on one of their popular devices, does their prior use get them some form of "rights" over that address space? IANA only guarantees that no other RIR has been allocated these /8s according to its registry, and it does not guarantee routability or reachability on the public internet (however much the individuals within IANA / ICANN care about this). If some other organisation has decided to use address space which overlaps with IANA's public registry, then they've created a serious problem for themselves and their customers / stakeholders which could have been avoided in the first place. IPv4 address space is handed out on the basis of need, and there was really no reason for these organisations to squat unallocated space in the first place. IANA hands out /8s. We know that some of these are going to cause serious problems, but life sucks and we just have to deal with what happens. Personally, I feel very sorry for APNIC that they've been allocated 1/8, but that's just the way the cookie crumbles. The RIRs agreed a process with IANA and knew what the consequences of that process were. They also appear to have agreed that it was better to use 1/8 than not use it. Their end-users are going to be incensed at the level of problems which this is going to cause. I can only hope that there won't be inter-governmental bun-fights over it. Nick
In a message written on Fri, Jan 22, 2010 at 07:09:00PM +0000, Nick Hilliard wrote:
What portion of 1/8 is untainted? Or any other /8 that the IANA has identified as having problems? How do you measure it? How do you ensure
I, personally, am quite skeptical that any of the /8's are tainted to the point where they are unusable. However, as an example of something I would say rises to the level of tainted. Remember a few years back Netgear hard coded the IP's of the UW time servers, and then shipped a few million boxes, which on by the way had a bug so they asked for time too often? http://pages.cs.wisc.edu/~plonka/netgear-sntp/ The result was a 40,000 packet per second flood. If an RIR was to give out a block with that sort of taint (e.g. UW returned that block, or something out there defaults to contacting 1/8 in a similar manor) then I think it's reasonable for the RIR to mark it as tainted, work with the people to get it fixed, and give folks other address space. Hopefully the RIR could work with the party involved and eventually return the space to service.
IANA hands out /8s. We know that some of these are going to cause serious problems, but life sucks and we just have to deal with what happens.
Pretty much. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
From the traffic generated by all the port-scanning and other similarly-useless packets, one could argue that all of unicast v4 space is tainted at this point.* Maybe we should be using that as a reason to switch to v6. Matthew Kaufman *If you don't believe me, point a /16 or larger down a fractional T1 line and try to get useful work done over the remaining bandwidth.
I think it would certainly be useful, both diagnostically and operationally, for IANA and the RIR's to *actually announce* the unused space, and run either or both of tar-pits and honey-pots on those, for just such a reason - to gauge problems that might exist on "unused" space, *before* the space is assigned. And, it'd be nice if there were a check-box for "I volunteer for the pain". In the movies, where something bad can happen and they draw straws, it is almost always drawing straws from among volunteers. There are certainly reasons for wanting to identify and not assign space that has "issues", to certain recipients or when certain conditions exist. E.g.: critical infrastructure /24's; initial assignments (where the recipient doesn't gave another block into which to internally interchange addresses); less technically adept recipients (e.g. in the developing nations, where adding "pain" would really be unusually cruel.) Brian -----Original Message----- From: Nick Hilliard [mailto:nick@foobar.org] Sent: January-22-10 3:09 PM To: Brian Dickson Cc: William Allen Simpson; nanog@nanog.org Subject: Re: 1/8 and 27/8 allocated to APNIC On 22/01/2010 16:32, Brian Dickson wrote:
So, if the tainted *portions* of problem /8's are set aside
What portion of 1/8 is untainted? Or any other /8 that the IANA has identified as having problems? How do you measure it? How do you ensure that other /8s which don't _appear_ to have problems really don't have problems due to invisible use? IANA hands out /8s. We know that some of these are going to cause serious problems, but life sucks and we just have to deal with what happens.
On 2010-01-22, at 14:49, Brian Dickson wrote:
I think it would certainly be useful, both diagnostically and operationally, for IANA and the RIR's to *actually announce* the unused space, and run either or both of tar-pits and honey-pots on those, for just such a reason - to gauge problems that might exist on "unused" space, *before* the space is assigned.
I believe the RIRs have already been doing this with each /8 they've received from the IANA for quite some time. Joe
On 22 Jan 2010, at 11:52, Joe Abley wrote:
I think it would certainly be useful, both diagnostically and operationally, for IANA and the RIR's to *actually announce* the unused space, and run either or both of tar-pits and honey-pots on those, for just such a reason - to gauge problems that might exist on "unused" space, *before* the space is assigned.
I believe the RIRs have already been doing this with each /8 they've received from the IANA for quite some time.
And indeed the latest APNIC stats file shows that they have made assignments from their new /8s, presumably for this purpose: apnic AP ipv4 1.0.0.0 256 20100122 assigned apnic AP ipv4 1.1.1.0 256 20100122 assigned apnic AP ipv4 1.2.3.0 256 20100122 assigned apnic AP ipv4 1.50.0.0 1024 20100122 allocated apnic AP ipv4 1.255.0.0 65536 20100122 allocated apnic AP ipv4 27.0.0.0 256 20100122 assigned apnic AP ipv4 27.50.0.0 1024 20100122 allocated apnic AP ipv4 27.255.0.0 65536 20100122 allocated Regards, Leo
On Fri, Jan 22, 2010 at 11:49 AM, Brian Dickson <Brian.Dickson@concertia.com> wrote:
I think it would certainly be useful, both diagnostically and operationally, for IANA and the RIR's to *actually announce* the unused space, and run either or both of tar-pits and honey-pots on those, for just such a reason - to gauge problems that might exist on "unused" space, *before* the space is assigned.
$ whois -h whois.apnic.net 1.1.1.1 % [whois.apnic.net node-1] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html inetnum: 1.1.1.0 - 1.1.1.255 netname: Debogon-prefix descr: APNIC Debogon Project descr: APNIC Pty Ltd country: AU admin-c: AP16-AP tech-c: AP16-AP mnt-by: APNIC-HM mnt-routes: MAINT-APNIC-DEBOGON (Similar things exist for 1.1.2.0/24 and several others) I'm not seeing them announced yet, but it's only a matter of time. Scott.
On Fri, Jan 22, 2010 at 11:49 AM, Brian Dickson <Brian.Dickson@concertia.com> wrote:
I think it would certainly be useful, both diagnostically and operationally, for IANA and the RIR's to *actually announce* the unused space, and run either or both of tar-pits and honey-pots on those, for just such a reason - to gauge problems that might exist on "unused" space, *before* the space is assigned.
And, it'd be nice if there were a check-box for "I volunteer for the pain". In the movies, where something bad can happen and they draw straws, it is almost always drawing straws from among volunteers.
*heh* And there's always going to be a set of normally-outbound-heavy networks that would *love* to get more inbound traffic by hosting honeypots for tainted networks...so there's one set of hands ready and waiting to shoot up the minute you need volunteers for your tar-pits and honey-pots. Matt
On 22 Jan 2010, at 7:16, William Allen Simpson wrote: [...]
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
Because relying on a blog post for policy really meets everybody's definition of rationality.... :-(
It's not a policy, it's an explanation of the reasoning behind the implementation of the policy. Regards, Leo
leo, This is done, you should see it propogating. regards, darren On Fri, Jan 22, 2010 at 08:58:30AM -0800, Leo Vegoda wrote:
On 22 Jan 2010, at 7:16, William Allen Simpson wrote:
[...]
http://blog.icann.org/2009/09/selecting-which-8-to-allocate-to-an-rir/
Because relying on a blog post for policy really meets everybody's definition of rationality.... :-(
It's not a policy, it's an explanation of the reasoning behind the implementation of the policy.
Regards,
Leo
On Thu, 21 Jan 2010 18:47:39 -0500, Bulger, Tim <Tim_Bulger@polk.com> wrote:
Having 1/8 allocated cannot be a blessing... There must be thousands of underskilled in the wild with stuff configured for 1/8. It's like a magnet for unwanted noise traffic.
I was thinking the same thing. I know of many installations where 1/8 has been used internally. Technically, they're mostly all "mainframe" installations that are never supposed to be connected to the internet, but they're accessed by machines that are. (that are already using private IPv4 space.) But it's not all bad. It's assigned to APNIC, so a lot of people will gladly continue blocking it.
participants (30)
-
Bill Stewart -
Brian Dickson -
Bulger, Tim -
Cam Byrne -
Darren M. Kara -
David Conrad -
Durand, Alain -
Florian Weimer -
George Bonser -
Jared Mauch -
Joe Abley -
Joe Provo -
Joel Jaeggli -
John Curran -
Jon Lewis -
Leo Bicknell -
Leo Vegoda -
Matthew Kaufman -
Matthew Palmer -
Matthew Petach -
Neil Harris -
Nick Hilliard -
Randy Bush -
Raoul Bhatia [IPAX] -
Richard Barnes -
Ricky Beam -
Scott Howard -
Stephane Bortzmeyer -
William Allen Simpson -
Zartash Uzmi