This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[ipv6-wg] Publication of default assignment sizes for end-user network ?
- Previous message (by thread): [ipv6-wg] Procedural approach for approval of new charter
- Next message (by thread): [ipv6-wg] Publication of default assignment sizes for end-user network ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Marco Hogewoning
marcoh at marcoh.net
Wed Oct 28 14:01:31 CET 2009
Fellow WG members, This is something that seems to be lingering around for some time now and from talking to various people seems that there is some basic need for a system for this. I understand the IPv6-WG may not be the correct place to solve the issue, however I do think this is a nice platform to try and see if we can work out what the actual need is for that and hopefully this can result in some draft proposal that can be taken to the appropriate working group or even to another body for the actual implementation. As per RIPE-481 section 5.5 there is no need to register assignments of a /48 or longer into the public RIR/NIR database, as long it's registered by the LIR and that data is accessible by the RIR. Now this does not forbid you to register individual assignments into the public database, but doing so poses various problems. Not only the sheer number of assignments can be a problem, but also keeping that registration up-to-date will have serious impact on your day to day operations and especially with residential users there might be privacy issues as well. From an IR perspective this all makes sense and seems like reasonable behavior and I'm not intending of changing this. From what I see in the emerging deployments is that there are quite some differences between various operators on what the default assignment size to end users is and even in the same operator the actual size assigned might vary in between the various products from anywhere between a /128 to establish a link up to the full /48 possible. Together with these emerging deployments and this is primarily focussed on eyeballs but it may also apply to hosting as well, there seems to become a need to establish things like GEO-IP services but also blacklists for, as an example, email. Within IPv4 these kind of services can pretty much be done with a resolution of the full 32 bits registering individual IP addresses and still end up with a manageable list. With IPv6 emerging this situation changes, as most as not all customers will receive at least a /64 it seems natural to do some form of aggregation and I already can think of 2 reasons why: - Doing it on the full /128 will have the risks the lists become too big and maintaining and distributing them becomes impossible - Within the /64 it's fairly easy to switch addresses or to simply select multiple, so for instance a virus can use an almost unlimited number of source addresses to do evil. Naturally this has already led to aggregation, people working on collecting this data and generating these blacklists and also get-up services have invented there own scheme, some of them register individual /64's, others seem to have or start using a model where presence of X numbers of individual /64 blocks will lead to automatic aggregation and the next 'natural' boundary for that is /48. This in itself can lead to issues for instance when you assign /56 to a customer premises and somebody decides to aggregate he may as well block 256 house holds and not the one doing evil. Now talking with people the problem seems big enough that it needs fixing, in fact we may as well fix it before it goes wrong. Now I realize there are various way how to attack this and various platforms or community bodies to address this. At this point in time the RIR seems a reasonable place and what I'm trying with this post is see if there is some consensus about the fact this is a problem worth fixing and hopefully together and as a WG we can generate some output by for instance writing a draft proposal and bring it to other working groups or standardization bodies. So about the solution, one of the things I'm thinking about is asking the database group to implement an additional and optional attribute for inet6num which can hold the standard assignment size used for this block. So for instance I can put an object there saying 2001:980:1000::/36 is used for residential DSL assignments and default assignment size is /48 and that 2001:980:2000::/36 is used for hosting purposes and assignment size is a /64. That way people can find out about and aggregate their lists or even abuse complaints according to boundaries set by the operator and they no longer have to guess and potentially harm themselves or other users because there educate guess was of by 8 bits. This is only one possible solution, I also heard a voice saying we could try and solve this in DNS and it might be taken to IETF others suggested that instead of the database this should be published as a machine parseable list on a static URL. Now I'm perfectly happy to write that proposal, in fact some of it is already done. So is this worth going after, did I miss something here, can you provide arguments supporting this or against this approach and what sort of solution would you like. Looking forward to your comments either on this list or privately, especially from people who are in the business of data collection/ publishing. While we work on the new charter let's together try and proof this WG still is capable of producing something usefull :) Grtx, Marco Hogewoning (Both operator and concerned citizen)
- Previous message (by thread): [ipv6-wg] Procedural approach for approval of new charter
- Next message (by thread): [ipv6-wg] Publication of default assignment sizes for end-user network ?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]