Re: Point 2 point IPs between ASes

[Job Snijders <job () instituut net>]

On Tue, 27 Jun 2017 at 22:29, Krunal Shah <KShah () primustel ca> wrote:

> Hello,
>
> What subnet mask you are people using for point to point IPs between two
> ASes? Specially with IPv6, We have a transit provider who wants us to use
> /64 which does not make sense for this purpose. isn’t it recommended to use
> /127 as per RFC 6164 like /30 and /31 are common for IPv4.



Yes, "longer than /64" subnets are fine for point2point. If the equipment
on both sides supports RFC 6164 I'd use a /127, otherwise a /126.


I was thinking, if someone is using RFC7404 for point to point IP between
> two ASes and establish BGP over link local addresses. This way you have
> your own IP space on your router and transit provider does not have to
> allocate IP space for point to point interface between two ASes. In
> traceroutes you would see only loopback IP address with GUA assigned from
> your allocated routable address space. Remotely DDoS to this link isn’t
> possible this way. Thoughts?


I wouldn't use link-local in context of Inter-Domain Routing. Too hard to
troubleshoot, many networks expect globally unique IP addresses for their
BGP neighbors, you want to be able to call a NOC and have the IPs function
as semaphore for the circuit ID.

What you could do is set aside a block which you blackhole or tarpit
through ingress ACLs, and use linknets from that "globally unusable ip
space". Some providers can offer you a router2router linknet from such
unreachable IP space so you don't have to set it apart.

Kind regards,

Job

>