Stealthy Overlay Network Re: 202401100645.AYC Re: IPv4 address block

Tom Beecher beecher at beecher.cc
Fri Jan 12 20:06:32 UTC 2024


>
> You don't need everything in the world to support it, just the things
> "you" use.


You run an ISP, let me posit something.

Stipulate your entire network infra, services, and applications support
240/4, and that it's approved for global, public use tomorrow. Some
company gets a block in there, stands up some website. Here are some
absolutely plausible scenarios that you might have to deal with.

- Some of your customers are running operating systems / network gear that
doesn't support 240/4.
- Some of your customers may be using 3rd party DNS resolvers that don't
support 240/4.
- Some network in between you and the dest missed a few bogon ACLs,
dropping your customer's traffic.

All of this becomes support issues you have to deal with.

On Fri, Jan 12, 2024 at 2:21 PM Mike Hammett <nanog at ics-il.net> wrote:

> I wouldn't say it's unknowable, just that no one with a sufficient enough
> interest in the cause has been loud enough with the research they've done,
> assuming some research has been done.
>
> You don't need everything in the world to support it, just the things
> "you" use.
>
>
>
> -----
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
> The Brothers WISP <http://www.thebrotherswisp.com/>
> ------------------------------
> *From: *"Tom Beecher" <beecher at beecher.cc>
> *To: *"Mike Hammett" <nanog at ics-il.net>
> *Cc: *"Ryan Hamel" <ryan at rkhtech.org>, "Abraham Y. Chen" <
> AYChen at alum.mit.edu>, nanog at nanog.org
> *Sent: *Friday, January 12, 2024 1:16:53 PM
> *Subject: *Re: Stealthy Overlay Network Re: 202401100645.AYC Re: IPv4
> address block
>
>> How far are we from that, in reality? I don't have any intention on using
>> the space, but I would like to put some definition to this boogey man.
>
>
> It's unknowable really.
>
> Lots of network software works just fine today with it. Some don't. To my
> knowledge some NOS vendors have outright refused to support 240/4 unless
> it's reclassified. Beyond network equipment, there is an unknowable number
> of software packages, drivers, etc. out in the world in which 240/4 is still
> hardcoded not to work. It's been unfortunate to see this fact handwaved
> away in many discussions on the subject.
>
> The Mirai worm surfaced in 2016. The software vulnerabilities used in its
> attack vectors are still unpatched and present in massive numbers
> across the internet; there are countless variants that still use the same
> methods, 8 years later. Other vulnerabilities still exist after
> multiple decades. But we somehow think devices will be patched to support
> 240/4 quickly?
>
> It's just unrealistic.
>
> On Fri, Jan 12, 2024 at 1:03 PM Mike Hammett <nanog at ics-il.net> wrote:
>
>> " every networking vendor, hardware vendor, and OS vendor"
>>
>> How far are we from that, in reality? I don't have any intention on using
>> the space, but I would like to put some definition to this boogey man.
>>
>>
>>
>> -----
>> Mike Hammett
>> Intelligent Computing Solutions <http://www.ics-il.com/>
>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>> The Brothers WISP <http://www.thebrotherswisp.com/>
>> ------------------------------
>> *From: *"Ryan Hamel" <ryan at rkhtech.org>
>> *To: *"Abraham Y. Chen" <aychen at avinta.com>, "Vasilenko Eduard" <
>> vasilenko.eduard at huawei.com>
>> *Cc: *"Abraham Y. Chen" <AYChen at alum.MIT.edu>, nanog at nanog.org
>> *Sent: *Thursday, January 11, 2024 11:04:31 PM
>> *Subject: *Re: Stealthy Overlay Network Re: 202401100645.AYC Re: IPv4
>> address block
>>
>> Abraham,
>>
>> You may not need permission from the IETF, but you effectively need it
>> from every networking vendor, hardware vendor, and OS vendor. If you do not
>> have buy-in from key stakeholders, it's dead on arrival.
>>
>> Ryan
>> ------------------------------
>> *From:* NANOG <nanog-bounces+ryan=rkhtech.org at nanog.org> on behalf of
>> Abraham Y. Chen <aychen at avinta.com>
>> *Sent:* Thursday, January 11, 2024 6:38:52 PM
>> *To:* Vasilenko Eduard <vasilenko.eduard at huawei.com>
>> *Cc:* Chen, Abraham Y. <AYChen at alum.MIT.edu>; nanog at nanog.org <
>> nanog at nanog.org>
>> *Subject:* Stealthy Overlay Network Re: 202401100645.AYC Re: IPv4
>> address block
>>
>> Hi, Vasilenko:
>>
>> 1)    ... These “multi-national conglo” has enough influence on the IETF
>> to not permit it.":
>>
>>     As classified by Vint Cerf, 240/4 enabled EzIP is an overlay network
>> that may be deployed stealthily (just like the events reported by the
>> RIPE-LAB). So, EzIP deployment does not need permission from the IETF.
>>
>> Regards,
>>
>>
>> Abe (2024-01-11 21:38 EST)
>>
>>
>>
>>
>> On 2024-01-11 01:17, Vasilenko Eduard wrote:
>>
>> > It has been known that multi-national conglomerates have been using it
>> without announcement.
>>
>> This is an assurance that 240/4 would never be permitted for Public
>> Internet. These “multi-national conglo” has enough influence on the IETF
>> to not permit it.
>>
>> Ed/
>>
>> *From:* NANOG [mailto:nanog-bounces+vasilenko.eduard=huawei.com at nanog.org
>> <nanog-bounces+vasilenko.eduard=huawei.com at nanog.org>] *On Behalf Of *Abraham
>> Y. Chen
>> *Sent:* Wednesday, January 10, 2024 3:35 PM
>> *To:* KARIM MEKKAOUI <amekkaoui at mektel.ca> <amekkaoui at mektel.ca>
>> *Cc:* nanog at nanog.org; Chen, Abraham Y. <AYChen at alum.MIT.edu>
>> <AYChen at alum.MIT.edu>
>> *Subject:* 202401100645.AYC Re: IPv4 address block
>> *Importance:* High
>>
>>
>>
>> Hi, Karim:
>>
>>
>>
>> 1)    If you have control of your own equipment (I presume that your
>> business includes IAP - Internet Access Provider, since you are asking to
>> buy IPv4 blocks.), you can get a large block of reserved IPv4 address *for
>> free* by *disabling* the program codes in your current facility that has
>> been *disabling* the use of 240/4 netblock. Please have a look at the
>> below whitepaper. Utilized according to the outlined disciplines, this is a
>> practically unlimited resource. It has been known that multi-national
>> conglomerates have been using it without announcement. So, you can do so
>> stealthily according to the proposed mechanism which establishes uniform
>> practices, just as well.
>>
>>
>>
>>     https://www.avinta.com/phoenix-1/home/RevampTheInternet.pdf
>>
>>
>>
>> 2)    Being an unorthodox solution, if not controversial, please follow
>> up with me offline. Unless, other NANOGers express their interests.
>>
>>
>>
>>
>>
>> Regards,
>>
>>
>>
>>
>>
>> Abe (2024-01-10 07:34 EST)
>>
>>
>>
>>
>>
>>
>>
>> On 2024-01-07 22:46, KARIM MEKKAOUI wrote:
>>
>> Hi Nanog Community
>>
>>
>>
>> Any idea please on the best way to buy IPv4 blocks and what is the price?
>>
>>
>>
>> Thank you
>>
>>
>>
>> KARIM
>>
>
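
Added example, not part of the thread or written by any of its participants: an audit of a bogon filter for deny entries that would still drop 240/4 traffic, plus a check showing that one widely used library (Python's `ipaddress`) already classifies the block as reserved. The filter text and its "action prefix" line format are constructed for illustration.

```python
import ipaddress

CLASS_E = ipaddress.ip_network("240.0.0.0/4")
LIMITED_BROADCAST = ipaddress.ip_network("255.255.255.255/32")

# Constructed sample filter, evaluated top-down, first match wins. The
# "action prefix" line format is an assumption, not a vendor's syntax.
SAMPLE_FILTER = """\
deny 0.0.0.0/8
deny 127.0.0.0/8
deny 224.0.0.0/3      # multicast and 240/4 folded into one supernet
deny 248.0.0.0/5
deny 255.255.255.255/32
permit 0.0.0.0/0
"""

def parse_filter(text):
    """Return [(action, network)] for every non-empty, non-comment line."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            action, prefix = line.split()
            rules.append((action, ipaddress.ip_network(prefix)))
    return rules

def entries_blocking_class_e(rules):
    """Deny entries overlapping 240/4, tagged exact / supernet / subnet."""
    findings = []
    for action, net in rules:
        if action != "deny" or net == LIMITED_BROADCAST:
            continue  # limited broadcast stays filtered either way
        if net == CLASS_E:
            findings.append((str(net), "exact"))
        elif CLASS_E.subnet_of(net):
            findings.append((str(net), "supernet"))  # narrow it, don't delete
        elif net.subnet_of(CLASS_E):
            findings.append((str(net), "subnet"))
    return findings

def verdict(rules, dest):
    """First-match result for one destination; implicit deny at the end."""
    addr = ipaddress.ip_address(dest)
    return next((a for a, net in rules if addr in net), "deny")

def library_treats_as_reserved(dest):
    """True when Python's own ipaddress module flags the address as reserved."""
    return ipaddress.ip_address(dest).is_reserved
```

A text search for `240.0.0.0/4` finds neither flagged entry in this sample, which is why the overlap test is done on the prefixes rather than on the strings.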