[arin-ppml] IPv6 Multihomed networks
Scott Leibrand
scottleibrand at gmail.com
Tue Feb 23 14:48:14 EST 2010
I think most people understand that a SIDR/rPKI system would make this
problem go away. The big question is when such a system will ever be
deployed, and whether policy can safely assume it will be soon enough.
How foggy is your crystal ball on that subject? :-)
-Scott
On Tue 2/23/2010 11:43 AM, Michael Richardson wrote:
> For those that feel that ARIN can never keep unconnected networks from
> being routed globally, I wonder if you'd take the time to read the SIDR
> work from IETF.
>
> Consider what would happen if ARIN were to issue non-connected network
> space, and bind it's use to a specific (dummy) ASN. Once secure, the
> public ("Internet") BGP system would never accept an announcement from
> anyone attempting to announce that prefix from another ASN.
>
> If some group of enterprises needed to do (I)BGP on their non-connected
> networks (such as for VPN use), they would either create an exception to
> SBGP, or they would introduce a second SIDR root CA into their routers.
> (This is commonly done in S/MIME email system and HTTPS systems in many
> enterprises)
>
>
More information about the ARIN-PPML
mailing list