"Tactical" /24 announcements

William Herrin bill at herrin.us
Mon Aug 16 16:05:53 UTC 2021


On Mon, Aug 16, 2021 at 7:10 AM Jason Pope <boards188 at gmail.com> wrote:
>
> >On Thu, Aug 12, 2021 at 9:41 AM Hank Nussbacher <hank at interall.co.il> wrote:
> >> How does this break the Internet?
> >
> >A originates 10.0.0.0/16 to paid transit C
> >B originates 10.0.1.0/24 also to paid transit C
> >C offers both routes to D. D discards 10.0.1.0/24 from the RIB based
> >on same-next-hop
> >You peer with A and D. You receive only 10.0.0.0/16 since A doesn't
> >originate 10.0.1.0/24 and D has discarded it.
> >You send packets for 10.0.1.0/24 to A (the shortest path for
> >10.0.0.0/16), stealing A's paid transit to C to get to B.
> >Unless A filters C-bound packets purportedly from 10.0.1.0/24. B
> >doesn't currently transit for A so from B's perspective that's not an
> >allowed path. In which case, your path to 10.0.1.0/24 is black holed.
> >
> >D broke the Internet. If packets from you reach A at all, they do so
> >through an unpermitted path.
>
> Ok, I apologize, but I have some dumb questions (because I don't BGP anymore):
>
> 1) I assume in the scenario that A "owns" (ARIN assignment) 10.0.0.0/16 and if B has a /24 assignment out of the block that A "owns", shouldn't that mean that B has a business relationship with A and some kind of direct connectivity to A?

Hi Jason,

Not necessarily. It isn't modern practice but as others have pointed
out there have been instances where a customer took an ISP-assigned
block with them when they left.

> 3) If "yes", then the connectivity wouldn't be broken, right?

Not necessarily. You have to consider the route in -all- of the states
it can be in, including the one where they're not, at this moment,
successfully connected to the ISP which assigned the addresses. I
offered a scenario in a prior post where the ISP's peering router
carries only locally-originated and customer routes. When the customer
loses their connection to the ISP (e.g. cable cut) their route
disappears from the peering router. The users of the ISP can still
reach it via the origin's alternate Internet connection.

Reciprocal peers of the ISP can also reach it via the broader Internet
but can't reach it via the peering connection to the ISP to whom the
origin is not currently connected. If they filter the Internet route,
the path ends up going to the ISP's peering router where it's black
holed.

Regards,
Bill Herrin



-- 
William Herrin
bill at herrin.us
https://bill.herrin.us/
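
The scenario quoted in this message, worked through as an added example that is not part of the original thread: a toy longest-prefix-match model showing where a packet for B's /24 goes once D discards the more-specific. The node names and prefixes come from the post; the RIB contents, the test address 10.0.1.5 and the `a_filters` switch are assumptions made for illustration.

```python
import ipaddress

def lpm(rib, dst):
    """Longest-prefix match: next hop of the most specific covering route."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in rib.items()]
    hits = [(n, nh) for n, nh in hits if addr in n]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def drop_covered_same_next_hop(rib):
    """D's behaviour: discard a more-specific whose covering route shares its next hop."""
    nets = [(ipaddress.ip_network(p), nh) for p, nh in rib.items()]
    return {str(n): nh for n, nh in nets
            if not any(o != n and n.subnet_of(o) and onh == nh for o, onh in nets)}

def scenario(d_discards, a_filters, dst="10.0.1.5"):
    """Trace a packet from You toward an address inside B's /24."""
    d_rib = {"10.0.0.0/16": "C", "10.0.1.0/24": "C"}   # both learned from C
    if d_discards:
        d_rib = drop_covered_same_next_hop(d_rib)
    you_rib = {p: "D" for p in d_rib}                   # whatever D still offers
    you_rib["10.0.0.0/16"] = "A"                        # direct peer A is the shortest path
    ribs = {
        # Assumption: A hears B's /24 through its own transit C.
        "A": {"10.0.0.0/16": "local", "10.0.1.0/24": "C"},
        "B": {"10.0.1.0/24": "local"},
        "C": {"10.0.0.0/16": "A", "10.0.1.0/24": "B"},
        "D": d_rib,
        "You": you_rib,
    }
    path = ["You"]
    for _ in range(8):                                  # hop limit guards against loops
        node = path[-1]
        nh = lpm(ribs[node], dst)
        if nh is None:
            return path, "no route"
        if nh == "local":
            return path, "delivered"
        # Assumed policy at A: traffic arriving from a peer may not leave via paid transit.
        if a_filters and node == "A" and nh == "C" and path[-2:-1] == ["You"]:
            return path, "black-holed at A"
        path.append(nh)
    return path, "loop"

if __name__ == "__main__":
    for d, f in [(False, False), (True, False), (True, True)]:
        print(f"D discards={d!s:5} A filters={f!s:5} ->", *scenario(d, f))
```

When D keeps the /24 the packet goes You, D, C, B; once D discards it the packet either rides A's paid transit to C or is dropped at A, which are the two outcomes the quoted scenario describes.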

