[arin-ppml] IPv6 Multihomed networks

Scott Leibrand scottleibrand at gmail.com
Tue Feb 23 14:48:14 EST 2010


I think most people understand that a SIDR/rPKI system would  make this 
problem go away.  The big question is when such a system will ever be 
deployed, and whether policy can safely assume it will be soon enough.   
How foggy is your crystal ball on that subject?  :-)

-Scott

On Tue 2/23/2010 11:43 AM, Michael Richardson wrote:
> For those that feel that ARIN can never keep unconnected networks from
> being routed globally, I wonder if you'd take the time to read the SIDR
> work from IETF.
>
> Consider what would happen if ARIN were to issue non-connected network
> space, and bind it's use to a specific (dummy) ASN.  Once secure, the
> public ("Internet") BGP system would never accept an announcement from
> anyone attempting to announce that prefix from another ASN.
>
> If some group of enterprises needed to do (I)BGP on their non-connected
> networks (such as for VPN use), they would either create an exception to
> SBGP, or they would introduce a second SIDR root CA into their routers.
> (This is commonly done in S/MIME email system and HTTPS systems in many
> enterprises)
>
>    



More information about the ARIN-PPML mailing list