Re: Utilizing USG networks for internal purposes (Re: route: 0.0.0.0/32 in LEVEL3 IRR)
Dave - You’d need to ask someone who speaks for the USG to address that question – and that’s definitely not my job. However, I will observe in the time since then, the DoD has taken to occasionally publicly routing some of its address blocks, so the probability of inadvertent routing impact has almost certainly increased. Thanks, /John John Curran President and CEO American Registry for Internet Numbers > On Feb 14, 2024, at 1:25 AM, Dave Taht wrote: > > Excellent summary of the USG position as of 2019. It is, um, nearly 5 > years later, has any of these stuff evolved? > > On Tue, Feb 13, 2024 at 9:58 PM John Curran wrote: >> >> On Jan 31, 2024, at 12:48 AM, Rubens Kuhl wrote: >> >> DoD's /8s are usually squatted by networks that run out of private IPv4 >> space. >> Even though it is very risky to steal resources from an organization >> that can deploy a black helicopter or a nuclear warhead over you, for >> some reason like it not appearing in the DFZ people seem to like it. >> >> >> Folks - >> >> A network that wants to be creative and utilize an address block that’s >> assigned to others >> for their own internal purposes runs two distinct risks: >> >> 1. An address block that’s not utilized today may easily become publicly >> routed tomorrow >>(either by the original address holder or by their assignee/successor) >> and it is not possible >>to reliably predict whether your customers will need access to the >> resources that end up >>on that address space. >> >> 2. If you should leak routes publicly for another's address space, there are >> organizations that >>will object – and in the case US government networks, this can include >> some uncomfortable >>conversations. [1] >> >> None of this suggests that one cannot configure their routers any way that >> they wish – just that >> it’d be best if done with appropriate care and an upfront understanding of >> the risks involved. >> >> Thanks! >> /John >> >> John Curran >> President and CEO >> American Registry for Internet Numbers >> >> [1] >> https://pc.nanog.org/static/published/meetings/NANOG77/2108/20191028_Elverson_Your_As_Is_v1.pdf >> pg 4. >> > > > -- > 40 years of net history, a couple songs: > https://www.youtube.com/watch?v=D9RGX6QFm5E > Dave Täht CSO, LibreQos
Re: Utilizing USG networks for internal purposes (Re: route: 0.0.0.0/32 in LEVEL3 IRR)
Excellent summary of the USG position as of 2019. It is, um, nearly 5 years later, has any of these stuff evolved? On Tue, Feb 13, 2024 at 9:58 PM John Curran wrote: > > On Jan 31, 2024, at 12:48 AM, Rubens Kuhl wrote: > > DoD's /8s are usually squatted by networks that run out of private IPv4 space. > Even though it is very risky to steal resources from an organization > that can deploy a black helicopter or a nuclear warhead over you, for > some reason like it not appearing in the DFZ people seem to like it. > > > Folks - > > A network that wants to be creative and utilize an address block that’s > assigned to others > for their own internal purposes runs two distinct risks: > > 1. An address block that’s not utilized today may easily become publicly > routed tomorrow > (either by the original address holder or by their assignee/successor) > and it is not possible > to reliably predict whether your customers will need access to the > resources that end up > on that address space. > > 2. If you should leak routes publicly for another's address space, there are > organizations that > will object – and in the case US government networks, this can include > some uncomfortable > conversations. [1] > > None of this suggests that one cannot configure their routers any way that > they wish – just that > it’d be best if done with appropriate care and an upfront understanding of > the risks involved. > > Thanks! > /John > > John Curran > President and CEO > American Registry for Internet Numbers > > [1] > https://pc.nanog.org/static/published/meetings/NANOG77/2108/20191028_Elverson_Your_As_Is_v1.pdf > pg 4. > -- 40 years of net history, a couple songs: https://www.youtube.com/watch?v=D9RGX6QFm5E Dave Täht CSO, LibreQos
Utilizing USG networks for internal purposes (Re: route: 0.0.0.0/32 in LEVEL3 IRR)
On Jan 31, 2024, at 12:48 AM, Rubens Kuhl wrote: DoD's /8s are usually squatted by networks that run out of private IPv4 space. Even though it is very risky to steal resources from an organization that can deploy a black helicopter or a nuclear warhead over you, for some reason like it not appearing in the DFZ people seem to like it. Folks - A network that wants to be creative and utilize an address block that’s assigned to others for their own internal purposes runs two distinct risks: 1. An address block that’s not utilized today may easily become publicly routed tomorrow (either by the original address holder or by their assignee/successor) and it is not possible to reliably predict whether your customers will need access to the resources that end up on that address space. 2. If you should leak routes publicly for another's address space, there are organizations that will object – and in the case US government networks, this can include some uncomfortable conversations. [1] None of this suggests that one cannot configure their routers any way that they wish – just that it’d be best if done with appropriate care and an upfront understanding of the risks involved. Thanks! /John John Curran President and CEO American Registry for Internet Numbers [1] https://pc.nanog.org/static/published/meetings/NANOG77/2108/20191028_Elverson_Your_As_Is_v1.pdf pg 4.
