Re: DoD IP Space
Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one. The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons. In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another. On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov wrote: > Peace, > > On Tue, Nov 5, 2019, 4:55 PM David Conrad wrote: > > On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG > wrote: > >> This thread got me to wondering, is there any > >> legitimate reason to see 22/8 on the public > >> Internet? Or would it be okay to treat 22/8 > >> like a Bogon and drop it at the network edge? > > > > Given the transfer market for IPv4 addresses, > > the spot price for IPv4 addresses, and the need > > of even governments to find “free” (as in > > unconstrained) money, I’d think treating any > > legacy /8 as a bogon would not be prudent. > > It has been said before in this thread that the DoD actively uses this > network internally. I believe if the DoD were to cut costs, they > would be able to do it much more effectively in many other areas, and > their IPv4 networks would be about the last thing they would think of > (along with switching off ACs Bernard Ebbers-style). With that in > mind, treating the DoD networks as bogons now makes total sense to me. > > -- > Töma >
Re: DoD IP Space
Peace, On Tue, Nov 5, 2019, 4:55 PM David Conrad wrote: > On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG wrote: >> This thread got me to wondering, is there any >> legitimate reason to see 22/8 on the public >> Internet? Or would it be okay to treat 22/8 >> like a Bogon and drop it at the network edge? > > Given the transfer market for IPv4 addresses, > the spot price for IPv4 addresses, and the need > of even governments to find “free” (as in > unconstrained) money, I’d think treating any > legacy /8 as a bogon would not be prudent. It has been said before in this thread that the DoD actively uses this network internally. I believe if the DoD were to cut costs, they would be able to do it much more effectively in many other areas, and their IPv4 networks would be about the last thing they would think of (along with switching off ACs Bernard Ebbers-style). With that in mind, treating the DoD networks as bogons now makes total sense to me. -- Töma
Re: DoD IP Space
On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG wrote: > This thread got me to wondering, is there any legitimate reason to see 22/8 > on the public Internet? Or would it be okay to treat 22/8 like a Bogon and > drop it at the network edge? Given the transfer market for IPv4 addresses, the spot price for IPv4 addresses, and the need of even governments to find “free” (as in unconstrained) money, I’d think treating any legacy /8 as a bogon would not be prudent. Regards, -drc signature.asc Description: Message signed with OpenPGP
Re: Russian government???s disconnection test
On Sat, Nov 02, 2019 at 09:18:36AM -0700, Mike Bolitho wrote: > The very fact that there are > AWS/Azure/Google Cloud data centers located around the globe makes anything > hosted there even more resilient, not less (and for the most part, I still > prefer on prem DC so I'm not even pushing "To the cloud!"). No, this fact makes everything far less resilient, because it means "one stop shopping" for attackers. It also makes the available attacker budget much greater, since the ROI increases every time more resources are concentrated in fewer places. ---rsk