
nanog mailing list archives

Re: The Gorgon's Knot. Was: Re: Verio Peering Question
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Fri, 28 Sep 2001 23:29:33 -0400


At 08:13 PM 9/28/2001 -0700, Sean M. Doran wrote:

>| This would cause depletion of address space faster.
>
>That sky hasn't fallen yet, despite the warnings since 1995.

Still a valid concern, if not an immediate one. And a more important one than table size, IMHO. We can always make bigger routers (whether they cost more or not, it is still possible); you cannot inject more numbers into the IPv4 space.

NAT also causes problems for things like web servers & name servers, although many of those can be worked around.


>| This does not address performance issues.
>
>Nobody's perfect.

Can I quote you on that? :)

I guess I could take your answer as an admission this solution is not optimal for people trying to multi-home.

Or how about this: While no *solution* is perfect, perhaps we should let the end user pick the solution which best fits their needs. IOW: Let the market decide.

I think the market has decided against this one. :)


>|  >     3. the maximum 254 things in the /24 can be renumbered
>|  >           into small ISP's PA space and announced to UUWHO
>|  >        with a constraining (set of) community(ies)
>|  >
>|  >        (NAT, incidentally, was also invented to make renumbering easier)
>|
>| All this does is swap the problem around, not solve it.
>
>It does: traffic follows the aggregate to some part of the
>network that knows the secret exception and uses it,
>even though it does not tell the rest of the world it is doing
>so.  This network either needs to be big, or it needs to
>leak a constrained more specific out to some of its neighbours,
>which is a harder problem.
>
>Essentially you are creating a wormhole, by analogy with a black hole.
>
>"Ad hoc confederation of wormholers" either knows the more specific
>prefix or follows the PI aggregate around to the small provider,
>depending on connectivity.   Everyone else only knows the PI aggregate
>and follows that.  If the following lands on any "ad hoc confederation
>of wormholers" router, it follows the privately-known more specific.
>
>Geoff Huston has been talking about a community which is useful
>for doing the most common case of this kind of "ad hoc confederation"-making,
>even though it's designed to deal with traffic engineering:
>"announce this longer prefix to everyone receiving money from me".

There is still a problem here. If SmallISP.com dies, and therefore his PI space is removed from the global table, then anyone who is not part of the "ad hoc confederation of wormholers" loses connectivity with Mr. /24. Kinda makes multi-homing less useful.

Or did I miss something?


>| Why bother, when ISP-X down the street will "just do it"?
>
>... which is ineffectual if people are doing filtering or
>progressive flap dampening.

Agreed with the former, not the latter. If everyone is filtering, going down the street will not help. If everyone is progressive flap dampening (and not filtering), then the discussion becomes irrelevant.

So let's all stop filtering & start progressive flap dampening.  Deal?


>    Sean.

--
TTFN,
patrick
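
The failure case raised in this message, worked through as an added example that is not part of the original post: a longest-prefix-match model with one router inside the "ad hoc confederation" and one outside it. The prefixes are constructed sample values, and the model assumes the aggregate is announced globally by SmallISP while the /24 is announced only to UUWHO under the constraining community.

```python
import ipaddress

# Constructed sample prefixes (RFC 2544 benchmarking range), not from the thread.
AGGREGATE = ipaddress.ip_network("198.18.0.0/16")  # SmallISP's aggregate
CUSTOMER = ipaddress.ip_network("198.18.5.0/24")   # the multi-homed /24
HOST = ipaddress.ip_address("198.18.5.10")         # a host inside the /24


def lookup(rib, dst):
    """Longest-prefix match: next hop of the most specific covering route, or None."""
    covering = [net for net in rib if dst in net]
    if not covering:
        return None
    return rib[max(covering, key=lambda net: net.prefixlen)]


def build_ribs(small_isp_up, uuwho_up):
    """Return (member_rib, outsider_rib) for the given provider states.

    Assumption: the aggregate is announced globally by SmallISP; the /24 is
    announced to UUWHO with a constraining community, so only confederation
    members ever learn it.
    """
    member, outsider = {}, {}
    if small_isp_up:
        member[AGGREGATE] = outsider[AGGREGATE] = "SmallISP"
    if uuwho_up:
        member[CUSTOMER] = "UUWHO"
    return member, outsider


def reachability(small_isp_up, uuwho_up):
    """Next hop toward HOST as seen by a member and by an outsider."""
    member, outsider = build_ribs(small_isp_up, uuwho_up)
    return {"member": lookup(member, HOST), "outsider": lookup(outsider, HOST)}


if __name__ == "__main__":
    for state in [(True, True), (True, False), (False, True)]:
        print(dict(zip(("SmallISP up", "UUWHO up"), state)), reachability(*state))
```

With SmallISP down, the member still reaches the /24 through UUWHO while the outsider has no covering route at all; with UUWHO down, both fall back to the aggregate.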

