Suspecious anycast prefixes

Danny McPherson danny at tcb.net
Thu May 5 12:59:00 UTC 2011


On May 3, 2011, at 6:17 AM, Bill Woodcock wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> On May 2, 2011, at 12:35 PM, Joe Abley wrote:
>> It's perhaps worth noting that there is work in the IETF to recommend that every prefix originated as part of an anycast cloud uses a unique origin AS (see <http://tools.ietf.org/html/draft-ietf-grow-unique-origin-as-00>). I'm not personally convinced of the arguments in the draft, but mentioning it in this thread seems reasonable.
> 
> I'm also not convinced of the arguments in the draft, since it argues that it would be a best-practice

'A', not 'the', for the reasons conveyed in the draft (e.g., control 
plane discriminator, RPKI foundations, etc..).  If you don't like it, 
don't do it, it's certainly easier to not do it.
 
> for me to originate my address space from more than 8,000 different ASNs,

8000 is a very large number.

> when I currently do just fine advertising it from three.

"You" as a service operator do just fine, and it's surely much 
simpler from a configuration and provisioning standpoint.  But 
what about those folks that consume the service, and have no 
indication of which node they may be utilizing from an Internet 
control plane perspective, or all the associated derivatives?

>  I'd much rather there not exist a document that clueless people can point at and claim is a "best common practice" when it's neither best nor common.

'clueless people' wouldn't care which node they utilize, where 
it resides, or what other attributes might exist and be associated 
with it.  Providing a discriminator in the control plane for the 
consumer of critical network services might well be of utility to 
some.  

-danny







More information about the NANOG mailing list