Home page logo
/

nanog logo nanog mailing list archives

splitting up a /20 (was: Class B Address)
From: William Allen Simpson <wsimpson () greendragon com>
Date: Tue, 06 Jun 2000 14:09:40 -0400


-----BEGIN PGP SIGNED MESSAGE-----

Matt Cramer wrote:
My company has a /20 out of the traditional Class C space.  We want to use
those addresses rather than the addresses our ISP would give us.  We have
asked the ISP if they can announce a /24 out of that block, and they have
said "sure".  However, I have read here about announcement filtering.

Will certain providers filter that /24?  We have two reasons for using our
own space.  First, we can get redundancy by connecting with two ISPs and
having them both announce the network (or have one announce if the other
dies).  

Multi-homing redundancy is a good thing, assuming that you have undertaken 
multiple service entrances to your facilities, and prevented your circuits 
from being "groomed" into the same cable elsewhere.  Several such concerns 
have been described recently on this list.

Otherwise, your multi-homing makes no sense.  Experience has shown that 
failures are more likely to occur in your local facilities than in 
the provider(s). 


Second, we can carve up our /20 in /24s and use them for different
Internet POPs for our company (e.g. one in the states, one in Europe, one
in the Pacific Rim, etc.).

A /20 that is split up into /24s should be filtered!

REMEMBER: IP addresses are related to network TOPOLOGY, not your company 
administration.  Dividing a set of "related" addresses into unrelated 
topology (split by oceans) increases the routing costs of everyone else.


I am primarily a security person but unfortunately our LAN and WAN people
know less about this than I so I am trying to decide what we should do.
Any help or information about the logical design I mentioned would be
greatly appreciated.

What you should do is this: look up the adjacent /20 and offer to 
give them the addresses.  They might make better use of them.

(I cannot tell which /20 you might be talking about, as you don't seem 
to use them for your DNS, using ATT, PSI, and others instead.)


BTW: I see that your company is a major DNS polluter, registering many 
business terms in .com .net and .org, and pirating the ArmstrongSucks
.com .net .org.  No actual servers seem to be present....  Are there 
really international .net operators that hate Armstrong?  And your 
company funds and hosts the discussion?

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1

iQCVAwUBOT0+P9m/qMj6R+sxAQHZ9wQAzapYaxxTdxXq51n23qtezTmNoNi/WnoA
ugAaHWaXwdhgm9nkLtVLRYpWoL4ZN1Owl0gyNheyvAaUHwrmnxgdbYBdKeggRvRa
8UxK4zh8O/wQpTVKhwpl2Ywg7/YwSdHk9/o2suN+OlX8ddBIm2rrdWRjshj38GbD
WrYWA9mfJhQ=
=ilMq
-----END PGP SIGNATURE-----




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault