[arin-ppml] Rationale for /22

Jon Lewis jlewis at lewis.org
Fri Jul 31 11:29:27 EDT 2009


On Fri, 31 Jul 2009, William Herrin wrote:

> Seriously, if you know of an ISP that's filtering on RIR minimums and
> relying on announced covering routes (with no default route) to catch
> the missing routes, I'd like to know who so I can go win an argument
> with one of my transit providers about which space to assign me.

I know people who've used at least subsets of the ISP-Ingress-Strict 
prefix filter to filter on some RIR minimums...but not without also 
pointing default at a provider who didn't do such filtering.

>> While the most traveled road is Multihome with PA, then Multihome
>> with PI, there are plenty of folks who single home with PA (no
>> global routing table slot) until they can qualify for an ARIN PI
>> block, then they multi-home.
>
> That the /22 policy encourages folks to screw up their networks is
> hardly a point in its favor.

A few more negative side effects of current policy I've seen on networks 
where I was brought in to "help":

Multihoming with PA space...the org gets a /24 at a time (as needed) from 
one of their providers.  Each /24 gets announced in BGP.  Worst case 
(which I have seen and cleaned up), the org may have gotten a mix of /24s, 
/23s, and even some /22s (don't ask me why they hadn't applied for PI), 
and because they don't know any better, it all gets announced as /24s.

Multihoming with PA space...in what I think is a violation of NRPM 
4.2.3.6, it seems typical for a multihomed org to be assigned a /24 from 
each of their providers ("you're buying a T1 or better and multihoming, 
here's your /24") and then announce one or more PA /24s in BGP.  The worst 
case I saw was an org that heavily used NAT (they had hundreds, perhaps a 
thousand IP devices, but only perhaps a dozen or fewer public IPs in use), 
and they were assigned /24s concurrently from 4 different upstream 
providers.

Sure, these junk routes can be filtered...but in general they're not, and 
at the "Tier 1" level, they're almost certainly not.  In cases like the 
above, lowering the minimum allocation and encouraging orgs to get their 
own space would actually subtract routes from the global table.

>> I suspect many of the folks on this list would spend a lot more
>> effort trying to multi-home if they could get 1 /32 from ARIN for
>> $10 per year.  The number of cable modem and DSL customers asking
>> their providers for BGP would skyrocket.  It's not because those
>> folks are multi-homed with PA space today.
>
> Straw man. We're talking about /24's not /32's. And $10 per year
> doesn't buy you BGP with any ISP I've ever talked to. Further, with
> the right language in a /24 policy we can, if we want to, make sure it
> never does.

Good luck getting any of the Bells to provision BGP for your DSL 
connection.  I did it for a DSL customer once...it was probably a 
mistake to agree to do it...but I only did it because he had his own 
legacy /24 and ASN.

----------------------------------------------------------------------
  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________