[76249] in North American Network Operators' Group
Re: 16-bit ASN kludge
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Dec 3 18:24:12 2004
Date: Fri, 03 Dec 2004 15:23:55 -0800
From: Owen DeLong <owen@delong.com>
To: Valdis.Kletnieks@vt.edu, John Dupuy <jdupuy-list@socket.net>
Cc: nanog@merit.edu
In-Reply-To: <200412032308.iB3N8e9d004006@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
--==========24DAB73F8A37AF462B84==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
I don't see non-transit ASN leakage as any greater issue than current
private ASN leakage.
However, I do see the ability to use non-transit ASNs to multihome end =
sites
with provider independent addresses and allow better aggregation as a good
thing. In this case, leakage would only have the same consequences as =
doing
things the way we do them now.
I don't see a real downside.
Owen
--On Friday, December 3, 2004 18:08 -0500 Valdis.Kletnieks@vt.edu wrote:
> On Fri, 03 Dec 2004 16:36:39 CST, John Dupuy said:
>> Along these lines, one could leave the transit AS networks alone if a
>> parallel 16 bit ASN space were created. Essentially, any non-transit
>> network would have it's non-public ASN retranslated NAT-style by
>> upstream transit network border routers. Only the border routers would
>> have to be changed. They would have to differentiate between public ASN
>> X and non-public ASN X (same number) based on the which side of the
>> router the ASN was learned from.
>
> So given the lack of trouble with NAT sites leaking rfc1918 addresses, =
you
> foresee no problems with sites accidentally leaking the non-public ASN's,
> right?
--=20
If this message was not signed with gpg key 0FE2AA3D, it's probably
a forgery.
--==========24DAB73F8A37AF462B84==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQFBsPWLn5zKWQ/iqj0RAovGAJ9wpfJf2UaWalSD8rQDUqo5dZJZ6ACeKmte
Kkn7H1O3PIIakM/sDTaBNaI=
=mJTY
-----END PGP SIGNATURE-----
--==========24DAB73F8A37AF462B84==========--
