[158882] in North American Network Operators' Group
=?windows-1252?Q?Re=3A_Advisory_=97_D-root_is_changing_its_IPv4_?=
daemon@ATHENA.MIT.EDU (Joe Abley)
Fri Dec 14 14:02:45 2012
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <CACQ8_wrA_5nYaXUY50vPG7vDxe4WfbMJLhjwN1v9KA-cv45LMQ@mail.gmail.com>
Date: Fri, 14 Dec 2012 14:02:31 -0500
To: Joe Antkowiak <antkojm1@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2012-12-14, at 13:17, Joe Antkowiak <antkojm1@gmail.com> wrote:
> On Fri, Dec 14, 2012 at 11:56 AM, Jay Ashworth <jra@baylink.com> =
wrote:
>=20
>> Quite so: UMD: Where will the old IP route after the 6 month period =
is
>> complete? Somewhere safe?
>>=20
>> In point of fact, ISTM that there *is no way* to make this completely =
safe;
>> granted that it's a low percentage attack, and thus probably not =
useful
>> to actual attackers, but the possibility exists that someone could =
hijack
>> that block at a provider level, and provide their own replacement for =
that
>> old server IP.
>>=20
>=20
> This is an extremely good point... Where will the former addresses =
be
> going after this?
As I understand it (but ask UMD!)
- D-Root is currently numbered out of a general-purpose UMD /16 into a =
dedicated, specifically-assigned /24
- the UMD /16 is not going anywhere
The announcement is that D-Root is being renumbered, not that UMD is =
renumbering its whole network.
Other root servers have renumbered out of institutional, general-purpose =
networks into dedicated networks in the past. I think the last one was =
B-Root in 2004, from an address within 128.9.0.0/16 to an address within =
192.228.79.0/24 (see <http://www.root-servers.org/news/new-ip-b.html>).
> I'm sure someone's thought about that though...I hope.
Joe=
