Time to add 2002::/16 to bogon filters?
Nick Hilliard
nick at foobar.org
Tue Jun 19 16:44:25 UTC 2018
Job Snijders wrote on 18/06/2018 22:08:
> Is there still really any legit reason left to accept, or propagate,
> 2002::/16 on EBGP sessions in the DFZ?
Out of curiosity, I ran a some atlas probe ping tests earlier today to
both a 6to4 test host and a separate control host with good quality v6
connectivity:
- 11000 6to4 probe requests
- 10000 native ipv6 probe requests
- 10 pings each
- 3308 unique probes replied
- 2907 attempted to ping both 6to4 and control hosts
- 2569 could ping the control host
- 2271 could ping the 6to4 host
I.e. ~12% of probes were able to ping the control host, but not the 6to4
host. If anyone wants the measurement IDs, please let me know.
Contrary to what Mark implied earlier in this thread about 6to4
connectivity failure being an end-site phenomenon, this figure is caused
solely by intermediate path problems. If, as he suggested, end-site
problems also contribute to poor quality 6to4 connectivity, then that
would compound the failure result.
From an operational point of view, what's relevant is whether dropping
2002::/16 would materially affect reliability for 6to4 users. Most
serious studies into 6to4 connectivity have shown that it causes high
failure rates, so arguably it could be seen as an improvement if you had
consistent 100% failure instead of double-digit percentage failure rates
to arbitrary 6to4 hosts. Consistency is intrinsically valuable.
Despite this, the case for organised action is unclear. If individual
operators want to drop the prefix, then that's their concern. If they
choose to do so, I suspect that the reaction of most of the ipv6 world
will be indifference.
Nick
More information about the NANOG
mailing list