[arin-ppml] 2600::/12 LOA
cja at daydream.com
Sat Mar 29 14:51:38 EDT 2014
The ends don't always justify the means. The reason there is a policy
proposal in the ARIN region to stop this practice is because not everyone
covered by these /12 announcements is happy that their addresses were part
of an experiment. There is a belief that Merit should have had permission
from the entities who had allocations out of these aggregates before
announcing a prefix that included them. Note also that this is called a
darknet project but these networks were NOT dark. They were live
production IPv6 deployments around the world. This is not the same as
announcing an IPv4 /8 that has nothing assigned out of it to see who is
using it who shouldn't be.
On Sat, Mar 29, 2014 at 5:29 PM, Joe St Sauver <joe at oregon.uoregon.edu>wrote:
> John Curran commented:
> #We were asked to cooperate with Merit on darknet research on ARIN's IPv6
> #2600::/12 space and I authorized the effort. Apparently, the effort also
> #included the routing an overall covering prefix and I missed that aspect
> #of the project. Aside from the technical concerns outlined here, there
> #is also a very valid question of whether ARIN should ever be involved in
> #routing authorization covering already issued space, since presumably the
> #same dialogue and consensus in the operator community (that should be a
> #prerequisite for such an experiment) should also suffice as the approval
> #with ISPs when it comes to researchers actually inserting the necessary
> #Going forward, ARIN will not issue routing authorization that covers any
> #address space issued to others without community-developed policy that
> #specifically directs us to do so.
> In mid-December 2013 I highlighted this very Merit darknet project in
> a keynote I did for Merit Networks Networking Summit in Ann Arbor, see
> "Networking in These Crazy Days: Stay Calm, Get Secure, and Get Involved,"
> at slide 28.
> I think that the Merit IPv6 darknet project was *very* important in helping
> to promote uptake of IPv6 in that it provides empirical evidence that the
> level of "background radiation" in IPv6 space isn't very high right now
> (roughly ~1Mbps), and what is there is typically the result of
> misconfiguration rather than malicious scanning (or at least that's what
> was reported in the Merit technical paper summarizing that experience,
> as cited in my slides).
> Moreover, given BGP route selection rules, I'm not particularly disturbed
> by the presence of that covering announcement: any more specific route
> immediately be preferred to a broad covering route of the sort employed by
> the IPv6 darknet research effort.
> I believe that ARIN acted properly in supporting this network research, and
> I'd be quite disappointed if ARIN (and other RIRs) discontinued support for
> research of this sort, particularly when carefully done by leading academic
> networking research organizations.
> Joe St Sauver, Ph.D. (joe at oregon.uoregon.edu)
> Disclaimer: I am not affiliated with the Merit Darknet effort, and all
> opinions expressed in this note are purely my own.
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> Please contact info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-PPML