[140867] in North American Network Operators' Group
Re: Rogers Canada using 7.0.0.0/8 for internal address space
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Tue May 24 00:42:53 2011
From: "Patrick W. Gilmore" <patrick@ianai.net>
In-Reply-To: <BANLkTi=tRT3j71Ty6YVp3c9DvXhS3CnjSQ@mail.gmail.com>
Date: Tue, 24 May 2011 00:42:14 -0400
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On May 24, 2011, at 12:36 AM, Jimmy Hess wrote:
> On Mon, May 23, 2011 at 11:09 PM, Patrick W. Gilmore =
<patrick@ianai.net> wrote:
>> If they do, any Rogers customer who wants to talk to it is screwed. =
Whether they have a 7 addy or not, Rogers' routers will not let the =
packet leave Rogers' borders.
>=20
> That could depend on whether Rogers' border routers are adequately =
configured
> to block/filter the announcement, and whether whatever the DoD =
chose to
> announce was a longer prefix than what Rogers' equipment had
> routes/controls for.
>=20
> In theory; there exists a possibility that the DoD could announce a
> /24 of something
> Rogers' was internally routing as a /16, then if unfiltered the DoD
> announce could win,
> causing internal (self-inflicted) issues for Rogers.
We're all just guessing here, until some Rogers engineer speaks up.
However, many networks take active steps to assure that external parties =
cannot disrupt their internal network. Anyone on this list with =
internal prefixes shorter than /24 likely have filters or other =
mechanisms in place to ensure they do not hear a /24 of their own space =
from peers & transit providers. If they do not, then they are at risk, =
whether they use highjacked space or not.
As a result, while it is possible the DoD could announce a /24 that =
Rogers routes internally as a /16 and cause Rogers problems; I suspect =
Rogers ensured the DoD - or anyone else - cannot cause them problems. =
Other than putting a web server in 7/8 that Rogers customers want to =
visit. :)
--=20
TTFN,
patrick
> The DoD could also eventually use the 7 range for something, resulting
> in complaints to Rogers
> from users who seem unable to reach (some web site placed in 7/8).
>=20
>=20
> Unofficial use of other organization's IP address space is playing =
with fire.
>=20
>=20
> It may mark the symbolic start of a new IPv4, where eventually
> many /8s will have tons of unofficial claimaints, and whoever
> threatens more, pays the major providers more, or has more lawyers
> (take your pick), gets their announcement more widely propagated.
>=20
> Sometimes if enough players start playing with fire, a really bad,
> uncontrollable inferno eventually gets ignited.
>=20
>> TTFN,
>> patrick
> --
> -JH
>=20
