nanog mailing list archives
Re: We hit half-million: The Cidr Report
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Wed, 30 Apr 2014 10:54:34 -0400
On Apr 30, 2014, at 09:15 , Jérôme Nicolle <jerome () ceriz fr> wrote:
Le 29/04/2014 04:39, Valdis.Kletnieks () vt edu a écrit :
Do we have a handle on what percent of the de-aggrs are legitimate attempts at TE, and what percent are just whoopsies that should be re-aggregated?Deaggs can "legitimatelly" occur for a different purpose : hijack prevention (Pilosov & Kapela style). It's fairly easy to punch a hole in a larger prefix, but winning the reachability race while unable to propagate a more specific prefix significantly increase hijacking costs.
Excellent point, Jérôme. Let's make sure nothing is hijack-able. Quick, let's de-agg -everything- to /24s. Everyone's routers can sustain > 10 million prefixes per full table, right? Jérôme, how many prefixes can your routers handle? Or we could stop thinking that abusing a shared resource for personal gain is a great idea.
For a less densely connected network (no presence on public IXPs, poor transits...), renumbering critical services (DNS, MX, extranets) to one of their /24s and de-aggregating it could be a smart move.
See my previous post. Of course deaggregation can have a use, but for a network is no peering an one or a few transits, those more specifices never have to hit the global table. Sending that /24 to your transit provider(s) with no-export will have the _exact_same_effect_, and not pollute anyone's routers whom you are not paying. The idea "I have a 'reason' for hurting everyone else, so it is OK" has got to stop. Just because you have a reason does not make it OK. And even when it is a good idea, most people implement it so poorly as to cause unneeded harm. -- TTFN, patrick
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- Re: We hit half-million: The Cidr Report, (continued)
- Re: We hit half-million: The Cidr Report Chris Boyd (Apr 28)
- Re: We hit half-million: The Cidr Report Patrick W. Gilmore (Apr 28)
- Re: We hit half-million: The Cidr Report Valdis . Kletnieks (Apr 28)
- Re: We hit half-million: The Cidr Report Charles Gucker (Apr 28)
- Re: We hit half-million: The Cidr Report Geoff Huston (Apr 29)
- Re: We hit half-million: The Cidr Report Patrick W. Gilmore (Apr 29)
- RE: We hit half-million: The Cidr Report Kate Gerry (Apr 29)
- Re: We hit half-million: The Cidr Report ML (Apr 29)
- Re: We hit half-million: The Cidr Report Paul S. (Apr 29)
- Re: We hit half-million: The Cidr Report Jérôme Nicolle (Apr 30)
- Re: We hit half-million: The Cidr Report Patrick W. Gilmore (Apr 30)
- Re: We hit half-million: The Cidr Report Jérôme Nicolle (Apr 30)
- Re: We hit half-million: The Cidr Report Owen DeLong (Apr 29)
- Re: We hit half-million: The Cidr Report Jeff Kell (Apr 29)
- Re: We hit half-million: The Cidr Report TheIpv6guy . (Apr 29)
- Re: We hit half-million: The Cidr Report Jeff Kell (Apr 29)
- Re: We hit half-million: The Cidr Report Blake Dunlap (Apr 30)
- Re: We hit half-million: The Cidr Report Sholes, Joshua (Apr 30)
- RE: We hit half-million: The Cidr Report Jamie Bowden (Apr 30)
- Re: We hit half-million: The Cidr Report Valdis . Kletnieks (Apr 30)
- Re: We hit half-million: The Cidr Report joel jaeggli (Apr 30)