[arin-ppml] [EXT] Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation
Owen DeLong
owen at delong.com
Mon May 6 03:04:31 EDT 2019
> On May 5, 2019, at 19:58 , Ronald F. Guilmette <rfg at tristatelogic.com> wrote:
>
>
> In message <F04ED1585899D842B482E7ADCA581B8472A70D58 at newserver.arneill-py.local
> Michel Py <michel at arneill-py.sacramento.ca.us> wrote:
>
>> Let's not forget the core reason we are in this squatting mess :
>> Because the attempts to transform what was Class E (240.0.0.0/4) into
>> private address space have been torpedoed.
>> We have a block of 268 million IP addresses that would have been perfect
>> for that, and that sits unused right now.
>> There were torpedoed because it was perceived as an attempt to slow down
>> IPv6 deployment.
>> Result : IPv4 is still there, and now we have a mess. Had Class E become an
>> extension of RFC1918, we would not have it because large folk who needed a
>> bigger private space than 10/8 would have been quite happy with 240/4 (16
>> consecutive Class A). Another failed policy that produced the opposite
>> effect of the intent.
>
> I really have no knowledge of any of this, and your contentions are rather
> entirely perplexing.
>
> If people want to use 240.0.0.0/4 -internally- as private RFC1918 address
> space, who's preventing them from doing so? As long as there are no route
> leaks for any of this to the outside world, I don't see the issue/problem.
The code in most hosts will not allow the entry of an IPv4 address within 240.0.0.0/4
as a unicast interface address.
FWIW, it’s also a fact that at least one address in 240.0.0.0/4 is not acceptable for
use as a unicast address since it’s the universal broadcast address (255.255.255.255).
>> The ARIN region is very behind compared to RIPE or LACNIC.
>> https://rpki-monitor.antd.nist.gov/
>> There have been extensive discussions recently about why. Parse the
>> archives.
>> We still are below 5%. I am one of the early adopters (I got my space
>> validated when we were below 2%).
>>
>> You want to know why ? Nobody really cares...
>
> OK, so how could be get people to care?
Making RPKI actually useful rather than just a cryptographic hint at the best prepend
might help.
At HE, we found a huge uptick in IPv6 sage certifications when we handed out
T-shirts. Perhaps a “My resources are signed… Are yours?” kind of T-shirt might
help.
Owen
More information about the ARIN-PPML
mailing list