Yeah, definitely talking about use that is deep behind multiple layers of firewalls, or maybe even air-gapped with respect to routable protocols. I won't say what sort of industry runs large piles of ancient gear, but you could probably guess...
On Wed, Jan 20, 2021 at 10:13 AM Brandon Martin <lists.na...@monmotha.net> wrote: > On 1/20/21 9:58 AM, j k wrote: > > My question becomes, what level of risk are these companies taking on by > > using the DoD ranges on their internal networks? And have they > > quantified the costs of this outage against moving to IPv6? > > Honestly I can't think of much unless maybe they're a defense contractor > that would potentially end up with DoD ranges (non-isolated/classified > networks) in their view of the global routing table. Appropriately > treating it like "my networks" and/or RFC1918 in your routing policies > (not exporting it, not accepting routes for it, etc.) would be required > to properly ensure network stability of course. > > Some OSes treat RFC1918 space as inherently "special" (extra trusted, > etc.) and wouldn't treat the DoD ranges as such, but those behaviors are > typically undesirable or at least not relied on on a network of that > scale, anyway. > > Not that I'd recommend it. > -- > Brandon Martin >