[131356] in North American Network Operators' Group
=?windows-1252?Q?Re:_Why_ULA:_low_collision_chance_=28Was:_IPv6_?=
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Oct 22 11:44:35 2010
From: Owen DeLong <owen@delong.com>
In-Reply-To: <AANLkTikR97YY4cUYyWThSXd_YkmYe0mswDKU+vmB4akQ@mail.gmail.com>
Date: Fri, 22 Oct 2010 08:40:35 -0700
To: William Herrin <bill@herrin.us>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 22, 2010, at 5:25 AM, William Herrin wrote:
> On Fri, Oct 22, 2010 at 1:20 AM, Joel Jaeggli <joelja@bogus.com> wrote:
>> On 10/21/10 6:38 PM, Owen DeLong wrote:
>>> On Oct 21, 2010, at 3:42 PM, Jack Bates wrote:
>>>> On 10/21/2010 5:27 PM, Joel Jaeggli wrote:
>>>>>
>>>>> Announce your gua and then blackhole it and monitor your prefix.
>>>>> you can tell if you're leaking. it's generally pretty hard to
>>>>> tell if you're leaking rfc 1918 since your advertisement may well
>>>>> work depending on the filters of your peers but not very far.
>>>>
>>>> This is always the argument I hear from corporate customers
>>>> concerning wanting NAT. If mistake is made, the RFC 1918 space
>>>> isn't routable. They often desire the same out of v6 for that
>>>> reason alone.
>>
>> the rfc 1918 space is being routed inside almost all your adjacent
>> networks, so if their ingress filtering is working as expected, great,
>> but you're only a filter away from leaking.
>
> A filter away from leaking to -one- of the millions of entities on the
> internet. Two filters away from leaking to two.
>
This underestimates the transitive property of leakage.
Owen
