nanog mailing list archives

Re: DoD IP Space

From: Brandon Martin <lists.nanog () monmotha net>
Date: Wed, 20 Jan 2021 10:11:59 -0500

On 1/20/21 9:58 AM, j k wrote:

My question becomes, what level of risk are these companies taking on byusing the DoD ranges on their internal networks? And have theyquantified the costs of this outage against moving to IPv6?

Honestly I can't think of much unless maybe they're a defense contractorthat would potentially end up with DoD ranges (non-isolated/classifiednetworks) in their view of the global routing table. Appropriatelytreating it like "my networks" and/or RFC1918 in your routing policies(not exporting it, not accepting routes for it, etc.) would be requiredto properly ensure network stability of course.

Some OSes treat RFC1918 space as inherently "special" (extra trusted,etc.) and wouldn't treat the DoD ranges as such, but those behaviors aretypically undesirable or at least not relied on on a network of thatscale, anyway.


Not that I'd recommend it.
--
Brandon Martin

Current thread:

Re: DoD IP Space John Curran (Jan 20)
- Re: DoD IP Space Cynthia Revström via NANOG (Jan 20)
  - Re: DoD IP Space John Curran (Jan 20)
    - Re: DoD IP Space j k (Jan 20)
    - Re: DoD IP Space Brandon Martin (Jan 20)
    - Re: DoD IP Space Dorn Hetzel (Jan 20)
    - Re: DoD IP Space Owen DeLong (Jan 20)
    - Re: DoD IP Space Brandon Martin (Jan 20)
    - Re: DoD IP Space Jim Young via NANOG (Jan 20)
    - Re: DoD IP Space Fred Baker (Jan 20)
    - Re: DoD IP Space Doug Barton (Jan 20)
    - Re: DoD IP Space Andy Ringsmuth (Jan 21)
    - Re: DoD IP Space Sabri Berisha (Jan 21)
    - Re: DoD IP Space Brandon Svec (Jan 21)
    - Re: DoD IP Space j k (Jan 21)

(Thread continues...)