IPv6 policies & BGP announcements
Hi, I have a few question regarding IPv6, and policies. I am not LIR, so I cannot get any /32 for my network usage. I got from my LIR a /48 for my internal network needs, and another /48 for another end-user, routed through my network. The two /48 are consecutive, and aggregable as a single /47. - Am I allowed to announce a prefix more specific than my LIR's /32 (originated from my ASN, not the LIR's one) ? - If I can announce a more specific prefix, do I have to announce a couple of /48s, or may I announce a single /47, originated from my AS ? If I can announce the /47, I assume the LIR has to create a route: object ? - Is there any recommendations I'd need to know for such a situation (except becoming LIR, which is not possible for us at the moment) ? Thank you for your help -- Clément Cavadore
* Clement Cavadore:
- Am I allowed to announce a prefix more specific than my LIR's /32 (originated from my ASN, not the LIR's one) ?
This is really the LIR's call because it's within their prefix. There are no other rules regarding prefix announcements.
- If I can announce a more specific prefix, do I have to announce a couple of /48s, or may I announce a single /47, originated from my AS ? If I can announce the /47, I assume the LIR has to create a route: object ?
Not necessarily. For IPv4, there are some folks who use RIR data to create filters, so having such an object would be beneficial. I don't know about the state of IPv6 filtering. A lot of operators likely discard anything longer than /32 in the RIR allocation space.
- Is there any recommendations I'd need to know for such a situation (except becoming LIR, which is not possible for us at the moment) ?
ARIN offers IPv6 PI space, perhaps you can get a /48 prefix which is supposed to be globally routable from them.
On Mon, 26 Nov 2007, Florian Weimer wrote:
* Clement Cavadore:
- Am I allowed to announce a prefix more specific than my LIR's /32 (originated from my ASN, not the LIR's one) ?
This is really the LIR's call because it's within their prefix. There are no other rules regarding prefix announcements.
- If I can announce a more specific prefix, do I have to announce a couple of /48s, or may I announce a single /47, originated from my AS ? If I can announce the /47, I assume the LIR has to create a route: object ?
Not necessarily. For IPv4, there are some folks who use RIR data to create filters, so having such an object would be beneficial. I don't know about the state of IPv6 filtering.
The biggest problem is the state of IPv6 deployment itself :-( But some transit providers start to ask about route6 objects, just like they do about route object (i.e. see rpslng). At least mine, does :-)
A lot of operators likely discard anything longer than /32 in the RIR allocation space.
Probably. Most people doesn't follow (or is aware) about: http://www.space.net/~gert/RIPE/ipv6-filters.html Perhaps the effect would be different if the RIRs would start to maintain these recommendations themselves.......
- Is there any recommendations I'd need to know for such a situation (except becoming LIR, which is not possible for us at the moment) ?
ARIN offers IPv6 PI space, perhaps you can get a /48 prefix which is supposed to be globally routable from them.
Best Regards, ------------------------------------------------------------------------- Carlos Friac,as See: Wide Area Network Working Group (WAN) www.gigapix.pt FCCN - Fundacao para a Computacao Cientifica Nacional www.ipv6.eu Av. do Brasil, n.101 www.6diss.org 1700-066 Lisboa, Portugal, Europe www.geant2.net Tel: +351 218440100 Fax: +351 218472167 www.fccn.pt ------------------------------------------------------------------------- The end is near........ see http://ipv4.potaroo.net "Internet is just routes (241744/992), naming (billions) and... people!" Esta mensagem foi enviada de 2001:690:2080:8004:250:daff:fe3b:2830 Aviso de Confidencialidade Esta mensagem e' exclusivamente destinada ao seu destinatario, podendo conter informacao CONFIDENCIAL, cuja divulgacao esta' expressamente vedada nos termos da lei. Caso tenha recepcionado indevidamente esta mensagem, solicitamos-lhe que nos comunique esse mesmo facto por esta via ou para o telefone +351 218440100 devendo apagar o seu conteudo de imediato. Warning This message is intended exclusively for its addressee. It may contain CONFIDENTIAL information protected by law. If this message has been received by error, please notify us via e-mail or by telephone +351 218440100 and delete it immediately.
On Tue, 2007-11-27 at 19:22 +0000, Carlos Friacas wrote:
The biggest problem is the state of IPv6 deployment itself :-( But some transit providers start to ask about route6 objects, just like they do about route object (i.e. see rpslng). At least mine, does :-)
That's exactly what I assumed, so I asked my LIR to create a route6 object for the /47 I announce to him.
A lot of operators likely discard anything longer than /32 in the RIR allocation space.
Probably. Most people doesn't follow (or is aware) about: http://www.space.net/~gert/RIPE/ipv6-filters.html
Perhaps the effect would be different if the RIRs would start to maintain these recommendations themselves.......
It would sure be better. I saw a /42 announced by RIPE, which is part of another LIR's /32 sTLA. Although there is no route6: object for it, I guess most of IPv6-aware networks do care about reaching RIPE's IPv6 servers. Seeing that announcement gave me guidelines regarding BCP in doing IPv6 multihoming without being LIR. Florian Weimer wrote:
ARIN offers IPv6 PI space, perhaps you can get a /48 prefix which is supposed to be globally routable from them.
Well, since I am not in ARIN-land, it wouldn't be really normal for me to ask for an ARIN-PIv6. Let's assume RIPE will find a good solution for people in my case :). Regards, -- Clément Cavadore
Clement Cavadore wrote: [..]
It would sure be better. I saw a /42 announced by RIPE, which is part of another LIR's /32 sTLA. Although there is no route6: object for it, I guess most of IPv6-aware networks do care about reaching RIPE's IPv6 servers. Seeing that announcement gave me guidelines regarding BCP in doing IPv6 multihoming without being LIR.
The RIPE _NCC_ did this as they don't qualify for an allocation themselves, this as they are not an LIR nor are they anywhere near anything that would justify for something much larger than a /48 (I wonder why they got a /42 in this case but there prolly is some reason for it) It is good to see that RIPE NCC follow and adhere to their own guidelines unlike other organizations. As such they only get a small chunk of space and that from a LIR. They can choose to announce it and have a route6 object for it, and in case that announcement gets filtered the /32 BGP announcement from the LIR will cover it and route it to them. There is one problem with this setup though. If 'good/fast' providers filter your more specific, then most likely only 'bad/slow' providers will transit it to others, who will use the more specific and thus the bad/slow providers. As such announcing a more specific can cause that your prefix becomes broken due to the better ISP's filtering the more specific out.
Florian Weimer wrote:
ARIN offers IPv6 PI space, perhaps you can get a /48 prefix which is supposed to be globally routable from them.
Well, since I am not in ARIN-land, it wouldn't be really normal for me to ask for an ARIN-PIv6. Let's assume RIPE will find a good solution for people in my case :).
What exactly is "your case"? Greets, Jeroen
On Tue, 2007-11-27 at 23:35 +0100, Jeroen Massar wrote:
There is one problem with this setup though. If 'good/fast' providers filter your more specific, then most likely only 'bad/slow' providers will transit it to others, who will use the more specific and thus the bad/slow providers. As such announcing a more specific can cause that your prefix becomes broken due to the better ISP's filtering the more specific out.
I agree on that. But except having a statically routed IP space by a LIR (or becoming LIR and ask for a /32, which would surely be overkill, or trying to ask ARIN for PIv6), is there any other proper solutions ? Hopefully, as you said, if a more specific prefix is filtered somewhere, it could still be routed through its LIR's /32 announcement (if the LIR knows the more specific route, or course).
What exactly is "your case"?
I simply run a small network without being LIR (having PI in IPv4 land), and would like to have IPv6 services available in it. First, I got a /48 statically routed in my network by the LIR who owns the parent /32. Then, I got the consecutive /48 routed to my network, so I chose to announce a /47, in order to have multihoming and peering intercos, in the future, using my ASN, like I do in IPv4. I guess it's always the same debate: What are the pros and cons regarding PIv6 (or call it "globally routable smaller prefix than /32"). Regards, -- Clément Cavadore
Clement Cavadore wrote:
On Tue, 2007-11-27 at 23:35 +0100, Jeroen Massar wrote:
There is one problem with this setup though. If 'good/fast' providers filter your more specific, then most likely only 'bad/slow' providers will transit it to others, who will use the more specific and thus the bad/slow providers. As such announcing a more specific can cause that your prefix becomes broken due to the better ISP's filtering the more specific out.
I agree on that. But except having a statically routed IP space by a LIR (or becoming LIR and ask for a /32, which would surely be overkill, or trying to ask ARIN for PIv6), is there any other proper solutions ?
The RIPE membership clearly voted for the latter. Become LIR and get your piece of IPv6.
Hopefully, as you said, if a more specific prefix is filtered somewhere, it could still be routed through its LIR's /32 announcement (if the LIR knows the more specific route, or course).
It does, but note that the more specific might have a bad path which can cause your prefix to be semi-blacklisted because of this.
What exactly is "your case"?
I simply run a small network without being LIR (having PI in IPv4 land), and would like to have IPv6 services available in it. First, I got a /48 statically routed in my network by the LIR who owns the parent /32. Then, I got the consecutive /48 routed to my network, so I chose to announce a /47, in order to have multihoming and peering intercos, in the future, using my ASN, like I do in IPv4.
That is a description of what you want, not what problem it exactly tries to solve. Thus what is the case that you are trying to solve and in which way is current policy inadequate and how do you propose it could be solved in a better way and why? Greets, Jeroen
On Mon, 26 Nov 2007, Clement Cavadore wrote:
I have a few question regarding IPv6, and policies. I am not LIR, so I cannot get any /32 for my network usage. I got from my LIR a /48 for my internal network needs, and another /48 for another end-user, routed through my network. The two /48 are consecutive, and aggregable as a single /47.
- Am I allowed to announce a prefix more specific than my LIR's /32 (originated from my ASN, not the LIR's one) ?
- If I can announce a more specific prefix, do I have to announce a couple of /48s, or may I announce a single /47, originated from my AS ? If I can announce the /47, I assume the LIR has to create a route: object ?
- Is there any recommendations I'd need to know for such a situation (except becoming LIR, which is not possible for us at the moment) ?
Are you single-homed to your LIR? If yes, your advertisement does not need to propagate to the whole internet. If not, connectivity might break to those other ISPs which do filter more specifics based on allocation boundaries. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
participants (5)
-
Carlos Friacas -
Clement Cavadore -
Florian Weimer -
Jeroen Massar -
Pekka Savola