To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
Josh Richards
jrichard at cubicle.net
Sun May 13 22:29:03 UTC 2001
* Roeland Meyer <rmeyer at mhsc.com> [20010513 13:45]:
>
> None of the DSL ISPs can do larger than /27 anymore, even when they're
> ILECs.
What does being an ILEC have to do with layer 3 routing?
'sides there are plenty of DSL ISPs that offer larger than a /27. Heck, I
count some of them among my clients who consist primarily of smaller
regional players. If you are looking for more major player examples that
offer larger IP blocks:
* MegaPath
<URL:http://www.megapath.net/> (see Support -> IP Request Form)
* PacBell/SBC
<URL:http://public.pacbell.net/dedicated/dsl/dsl_business.html>
How hard have you looked, Roeland?
> Anything less than a /24 can't be SWIP'd and if you don't control
> your in-addr.arpa entries you don't control your domain and have no
> security.
This is FUD. For example, look up "63.201.8.120". That sure looks like a
/29 to me. Hell, that's even being done by an ILEC owned ISP. :-) In fact,
ARIN (and other regional registries have similar policies) encourage SWIP
reassignments for anything up to and including /29. An NSP who has to
justify its requests for IP space (read: any) knows how much easier and
quicker the process is made when they have everything SWIP'd already.
<URL:ftp://ftp.arin.net/pub/swip/swipinstruction.txt>
As to controlling your reverse delegation, if your IP block is less than a
/24 how often do you _really_ need to change your reverse? If the answer is
not often you are losing nothing by having your upstream handle it for you.
If you still want control of it, convince your upstream to implement
RFC2317 (if they haven't already):
<URL:http://www.rfc-editor.org/rfc/rfc2317.txt>
As to trusting reverse nameservice records for security, well, that's your
choice not mine..
-jr
----
Josh Richards <jrichard@{ geekresearch.com, cubicle.net }> [JTR38/JR539-ARIN]
Geek Research, LLC - San Luis Obispo, CA - <URL:http://www.geekresearch.com/>
KG6CYK - IP/Unix/telecom/knowledge/coffee/security/crypto/business/geek
More information about the NANOG
mailing list