FW: /8s and filtering

Forrest forrest at almighty.c64.org
Tue Dec 10 19:13:31 UTC 2002

On Tue, 10 Dec 2002, N wrote:

> comments inline
> > If you're a smaller organization, perhaps you'll only have a /23 from your 
> > upstream provider.  With the filtering that seems to be in place, it seems 
> > like the only way you can truly multihome with a /23 is if it happens to 
> > be in the old Class C space.  Or is this wrong?  
> In today's VLSM world... the old classes have no bearing on filtering in
> my experience. Prefix length discrimination knows no classful
> boundaries.

That doesn't seem to be true, look at Verio's routing policies for 


In the traditional Class A space (i.e., 0/1), we accept /22 and shorter. 
In the traditional Class B space (i.e., 128/2), we accept /22 and shorter. 
In the traditional Class C space (i.e., 192/3), we accept /24 and shorter. 

If people didn't accept /24's from the old Class C space then it seems 
like anyone still using swamp space would find themselves blackholed.  
Such as this block to pick one at random.

> > What seems to be needed is perhaps a /8 set aside by the RIR specifically 
> > to allocate to small organizations that wish to multihome that people 
> > would accept /24 and shorter from.  
> There is value in the current filtering of longest prefixes... Allowing
> anyone to multihome with BGP, using any network size, is going to double
> our BGP tables overnight. Perhaps it's good that you must be of some size
> to participate in public BGP.  Many providers offer redundancy that is
> more appropriate for the smaller networks. 

I guess I don't understand how allowing "just anyone" to multihome is 
going to double the BGP table size.  With the current ASN setup you 
couldn't have more than ~65000 organizations multihoming.  Personally, I 
think an organization announcing 100 more specifics on accident along with 
announcing their large aggregate is a much larger problem than the small 
amount of small organizations that want to multihome.  

In reality, all the filtering policies do is cause people to simply waste 
enough IP space in order to qualify for a block that won't get filtered.  

Have you seen the waste that goes on with some of these web hosting 
companies?  I've seen web servers that have a /25 assigned to *ONE* 
server because the server owner was willing to pay the $5/IP or whatever 
that the ISP charges.  And the server wasn't even running SSL or anything 
that required IP addresses; virtual hosting would have worked just fine.  
You think perhaps there might be another reason for why this is happening?  
Perhaps it's the only way a company can justify asking for a /19 that 
will make it past the filters.
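
The prefix-length policy quoted in the message above, applied to a few constructed prefixes. This is an added example, not part of the original post and not Verio's configuration; the function names and sample prefixes are assumptions.

```python
import ipaddress

# Policy exactly as quoted in the message: (covering block, longest accepted length).
QUOTED_POLICY = [
    (ipaddress.ip_network("0.0.0.0/1"), 22),    # traditional Class A space
    (ipaddress.ip_network("128.0.0.0/2"), 22),  # traditional Class B space
    (ipaddress.ip_network("192.0.0.0/3"), 24),  # traditional Class C space
]

def longest_accepted(prefix):
    """Longest accepted prefix length for this prefix's space, or None if the
    quoted policy does not cover it (e.g. 224/3, or a prefix spanning spaces)."""
    net = ipaddress.ip_network(prefix, strict=True)  # rejects set host bits
    if net.version != 4:
        raise ValueError("the quoted policy is IPv4 only")
    for block, limit in QUOTED_POLICY:
        if net.subnet_of(block):
            return limit
    return None

def decide(prefix):
    """Return 'accept', 'filter' or 'not covered' for one announcement."""
    limit = longest_accepted(prefix)
    if limit is None:
        return "not covered"
    net = ipaddress.ip_network(prefix, strict=True)
    return "accept" if net.prefixlen <= limit else "filter"

def min_passing_block_size(prefix):
    """Addresses in the smallest block that passes the filter in this space."""
    limit = longest_accepted(prefix)
    return None if limit is None else 2 ** (32 - limit)

if __name__ == "__main__":
    # Constructed sample announcements (private and documentation ranges).
    samples = ["10.0.0.0/23", "10.0.0.0/22", "172.16.4.0/23",
               "192.0.2.0/24", "192.0.2.0/25", "224.0.0.0/24"]
    for p in samples:
        print(f"{p:16} {decide(p):12} min passing block: "
              f"{min_passing_block_size(p)} addresses")
```

A /23 passes only in the 192/3 space; in the other two spaces the smallest passing block is a /22, twice the size of the /23 the message describes.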

