[192035] in North American Network Operators' Group
Re: nested prefixes in Internet
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Oct 10 16:28:49 2016
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <b659e5e9-748e-1bd3-8e6b-4c6e091e37c5@gmail.com>
Date: Mon, 10 Oct 2016 13:27:38 -0700
To: Baldur Norddahl <baldur.norddahl@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
> On Oct 10, 2016, at 12:44 PM, Baldur Norddahl =
<baldur.norddahl@gmail.com> wrote:
>=20
>=20
>=20
> Den 10/10/2016 kl. 19.24 skrev Niels Bakker:
>> * r.engehausen@gmail.com (Roy) [Mon 10 Oct 2016, 19:19 CEST]:
>>> I don't think I ever said that ISP-B would announce the /19. That =
would only be announced by ISP-A. ISP-B would only announce the /24 =
that has been delegated to it.
>>>=20
>>> If the ISP-A/ISP-B link goes down then the /24 would be seen only =
via ISP-C which is the desired result.
>>=20
>> What if ISP-A then receives traffic inside its /19 destined for =
ISP-B's /24? It will have to send it over transit and won't bill ISP-B =
for that traffic. You cannot expect 100% of the rest of the Internet to =
honour the more specific all the time.
>=20
> Is that a real problem? In my experience a /24 is honoured almost =
universally.
In my experience, with notable exceptions, ISPs don=92t like to provide =
transit to people who aren=92t paying them, so if it becomes enough =
traffic to get noticed, it=92s not at all unlikely that ISP-A would =
start dropping it, even if they didn=92t ignore the prefix.
> If we assume the big tier 1 transit providers honour the /24 =
announcement, the only possible way for ISP-A to receive traffic via the =
/19 is if ISP-A is directly peered with someone that ignores the /24.
Not true=85 There are myriad reasons that the /24 might not reach a =
network peered with ISP-A, including the possibility of being a =
downstream customer of a network peered with or buying transit from =
ISP-A. In the latter case, not an issue, since it=92s paid transit, but =
in the former (peered, not transit), again, ISP-A is probably not super =
excited to carry traffic that someone isn=92t paying them to carry.
> Even if some small amount of traffic does go that route, it might not =
be viewed as a problem as the volume is likely to be very low.
Until some clever miscreant notices the situation and decides to exploit =
it for a dDOS.
Owen
