Owen DeLong owen at delong.com
Tue Sep 16 18:00:35 UTC 2014

On Sep 14, 2014, at 2:19 PM, Jimmy Hess <mysidia at gmail.com> wrote:

> On Sat, Sep 13, 2014 at 5:33 AM, Tarko Tikan <tarko at lanparty.ee> wrote:
>> 2000::/64 has nothing to do with it.
>> Any address between 2000:0000:0000:0000:0000:0000:0000:0000 and
>> 23ff:ffff:ffff:ffff:ffff:ffff:ffff:ffff together with misconfigured prefix
>> length (6 instead 64) becomes 2000::/6 prefix.
> It should be rejected for the same reason that is
> invalid in a prefix list  or access list.
> Any decent router won't allow you to enter just anything in that range
> into the export rules  with a /6,  except 2000::  itself, and will
> even show you a failure response instead of silently ignoring the
> invalid input,  for the very purpose of helping you avoid such errors.
>   2001::1/6  would be an example of an invalid input --  there are
> one or more non-zero bits listed outside the prefix, or where  bits in
> the mask are zero.
> Only 2000:0000:0000:0000:0000:0000:0000:0000/6    properly conforms,
> not just "any IP"   in that range  can have a /6  appended to the end.

Which is one of the reasons I think it was more likely a typo for 2000::/3
being entered via numeric keypad.

3 and 6 are adjacent on a numeric keypad and both 2000::/3 and 2000::/6 are
valid prefixes.


More information about the NANOG mailing list