[arin-ppml] ULA-C and reverse DNS
owen at delong.com
Mon Mar 22 14:03:37 EDT 2010
On Mar 22, 2010, at 9:30 AM, <michael.dillon at bt.com> wrote:
>> Are you suggesting that each sub part of an enterprise should
>> be able get its own /48? Are you suggesting there should be
>> no limit to the number of /48s a enterprise can get? It
>> sounds to me like that is what you are suggesting.
> There is a natural limit on the number of ULA-C prefixes that
> an enterprise can get. If they only want to route locally in
> some lab or local infrastructure, then they can get a ULA-C
> block. Later, if what they have built becomes valuable to the
> enterprise, they can route that ULA-C block enterprise wide
> with confidence that it won't break anything. But, the new
> block will not function enterprise wide unless they can
> convice the IT admins to unblock that network in their firewall
> ACLs. It is common for there to be multiple layers of firewalls
> internal to an enterprise and the policies are roughly to block
> all traffic that is not known and registered in their IT registry.
How does that pose a limit on the number of blocks they get?
The process you have described allows a very large enterprise
to get a ULA-C block for a lab, use it, tear it down, forget they ever
had it and apply for another one 3 months later. Lather, rinse,
repeat until you actually do manage to burn 40 bits worth of
There is nothing in your proposal to prevent failure to return
unused ULA-C and nothing to prevent merely applying for
more instead of reusing what you already have.
Given our experiences with the IPv4 swamp, I'm inclined to
believe that such a system is not in the best interests of the
internet community and does not represent good stewardship
of the address space.
More information about the ARIN-PPML