/24s run amuck

• Previous message (by thread): /24s run amuck
• Next message (by thread): /24s run amuck
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jan 13, 2004, at 2:35 PM, McBurnett, Jim wrote:

> Ok, I am often outgunned and off target here.
> But I have to ask this:
> 1. If filtering is used, as suggested by someone, what happens to the
> 	small/mid-sized company that is multi-homed out of an ISP's
> 	/20 or larger block?  In this case, I can see an ISP with a /20
> 	bust that up to /21s smaller to accommodate this user.

For everyone who filters, they will only see the aggregate CIDR and 
send it to that upstream.

For everyone who does not filter, you will get traffic over the 
"closest" upstream.

If the link to the upstream with the aggregate dies, interesting things 
can happen.  Assuming that upstream listens to its own address space, 
traffic will go:

   [Filtering network] -> [CIDR upstream] -> [second upstream]

If the CIDR upstream does not listen to its own announcements, you will 
lose connectivity from anyone who filters.


> 2. Wasn't /24 filtering something that a few large ISP's did a few
> 	years ago and everyone complained? I don't have a reference here
> 	but I seem to remember some flack about that.

Sprint and a few others used to filter on /19s, 'cause that's what ARIN 
& others handed out.  They changed that to /20s when the rules changed. 
  Sprint gave that up.

Last time I checked Verio and a Japanese ISP (NTT?) filtered, but not 
many other people did.

Almost everyone filters on /24s - they do not want to see /32s in the 
global table.


> 3. What happens in the case of a carrier that has given /24s to a
> 	downstream out of different blocks?

If the downstream is single homed, nothing.  The /24s should not be in 
the global table, just the provider's local table.

If the downstream is multi-homed, the upstream should try to give out 
aggregate blocks.


> I guess the real question is this:
>
> If X company can not be reached, how/who would you complain to?

Your upstream.  You pay them for connectivity, if they cannot provide 
it, yell at them.

Naturally, this does not always work.  Joe Random ISP cannot force 
Verio to change its filtering policies.


> And would this be like the RR and AOL email filtering lists where
> we all complain, and this filtering is an effort by some
> to force others to clean up their act?

Yes it is.  But this is a bit more religious than spam filtering.  Then 
again, so are some spam filters....


> Am I out in Left field?

Yes, but aren't we all? :)

-- 
TTFN,
patrick

• Previous message (by thread): /24s run amuck
• Next message (by thread): /24s run amuck
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]