[c-nsp] smaller PI
tkapela at gmail.com
tkapela at gmail.com
Wed Jun 30 09:32:37 EDT 2010
...And several shops filter on per-/8 RIR allocation min + maxes, too! Bassically, a /24 isn't a safe, global assumption, unless from swamp space and/or a RIR portion specifically created for micro-allocations.
Take note of the cisco "isp ingress strcit" prefix list on the ftp site. Folks *are* using the examples linked from:
http://blogs.cisco.com/security/comments/surprise_all_your_prefix_are_belong_to_us/
-Tk
-----Original Message-----
From: Jon Lewis <jlewis at lewis.org>
Sender: cisco-nsp-bounces at puck.nether.net
Date: Wed, 30 Jun 2010 09:14:05
To: Ziv Leyes<zivl at gilat.net>
Cc: cisco-nsp at puck.nether.net<cisco-nsp at puck.nether.net>
Subject: Re: [c-nsp] smaller PI
On Wed, 30 Jun 2010, Ziv Leyes wrote:
> That's weird, "PI" stands for "provider independent". How can one be independent with a non-routable IP range???
> Where did the "try to aggregate as much as possible" concept go to?
The RIRs guarantee uniqueness, not routability. If the space just needs
to be unique, it's not an issue. If it needs to be unique and routed on
the public internet, it seems a little silly for an RIR to allocate IPs
they know will not be generally accepted by the internet. AFAIK,
filtering longer than /24 is pretty common practice.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list