Re: [ipv6-wg] route6: 2A00::/12
[cross-posted to ipv6-wg@ripe.net] Il 20/10/12 21:58, Manish Karir ha scritto:
Hi Antonio,
Yes. Merit is in the process of running a large IPv6 darknet experiment. Our goal is to announce every allocated /12 (1 from each RIR) first sequentially and then together. We conducted a 1hr test announcement on wed and to the best of knowledge we did not break anything. These announcements will each last 1 week each starting Nov 1. Your more specific announcements in BGP should still get all your data correctly routed to you. However if you have noticed any strange behavior please let us know.
Thanks. -manish
Manish, thanks for your kind reply. Maybe I missed some announcement e-mail here. Is there any document to read about that "large IPv6 darknet experiment" you at Merit are going to run in accordance also with RIPE NCC? (I'm aware of what Geoff Juston made at APINIC in June 2010 with 2400::/12 https://labs.ripe.net/Members/mirjam/background-radiation-in-ipv6) I was wondering if any consensus is needed before starting such a big thing that involves IPv6 production networks as well. I mean: when my route6 is not announced via BGP, it's supposed that every packet sent to it doesn't get anywhere, hopefully. OTOH, if during this experiment, for any reason (wanted or not), my prefix is no more announced, I'm afraid the /12 would attract (perhaps hijack?) those packets (actually breaking, I believe, any existent ROA for the prefix). So, just asking: what kind of packets are going to be collected and how stored, analysed and by whom? Thank you -- antonio
----- Original Message ----- From: Antonio Prado <aprado@topnet.it> To: ipv6-ops@lists.cluenet.de Cc: mkarir@merit.edu Sent: Fri, 19 Oct 2012 13:09:23 -0400 (EDT) Subject: route6: 2A00::/12
Hello,
just saw a new entry in RADB for 2A00::/12 and was wondering if could be a fat-finger issue as our IPv6 prefix (a /29) actually belongs to that /12.
route6: 2A00::/12 descr: MERIT Network Inc. 1000 Oakbrook Drive, Suite 200 Ann Arbor MI 48104, USA origin: AS237 mnt-by: MAINT-AS237 remarks: This announcement is part of an RIPE approved experiment. For additional information please send email to mkarir@merit.edu source: RADB changed: ljb@merit.edu 20121017
Anyone aware of this experiment?
Thank you -- antonio
Hi Antonio, Here is some related material: Internet Pollution Studies in IPv4: - 1/8 Pollution NANOG Presentation: http://www.merit.edu/research/pdf/2010/karir_1slash8.pdf - Follow on: NANOG Presentation: http://www.merit.edu/research/pdf/2011/Internet-Pollution-Part2.pdf - IMC Paper on Internet Pollution: http://www.merit.edu/research/pdf/2010/imc10-wustrow.pdf A recent workshop on the topic: http://www.caida.org/workshops/dust/1205/ Internet Pollution in IPv6: - Geoff Hustons work on IPv6 darknets: http://www.caida.org/workshops/dust/1205/slides/dust1205_ghuston.pdf - Details of APNICs experiment with announcing their IPv6 cover /12 route as well as analysis of results: http://www.caida.org/workshops/dust/1205/slides/dust1205_cdeccio.pdf This particular effort is an attempt to replicate the work performed by Geoff Huston at APNIC for different regions in order to understand any regional variations that might exist. In general we collect all un-wanted traffic in the darknet of our experiment. Our general experiment architecture is shown here: http://software.merit.edu/darknet Results from our analysis are presented back into the Internet operations community along with any recommendations that might emerge. Data collected is shared with researchers at the RIRs for their own analysis. Please let me know if you have additional questions. Thanks. -manish On Oct 21, 2012, at 6:21 AM, Antonio Prado wrote:
[cross-posted to ipv6-wg@ripe.net]
Il 20/10/12 21:58, Manish Karir ha scritto:
Hi Antonio,
Yes. Merit is in the process of running a large IPv6 darknet experiment. Our goal is to announce every allocated /12 (1 from each RIR) first sequentially and then together. We conducted a 1hr test announcement on wed and to the best of knowledge we did not break anything. These announcements will each last 1 week each starting Nov 1. Your more specific announcements in BGP should still get all your data correctly routed to you. However if you have noticed any strange behavior please let us know.
Thanks. -manish
Manish,
thanks for your kind reply.
Maybe I missed some announcement e-mail here. Is there any document to read about that "large IPv6 darknet experiment" you at Merit are going to run in accordance also with RIPE NCC? (I'm aware of what Geoff Juston made at APINIC in June 2010 with 2400::/12 https://labs.ripe.net/Members/mirjam/background-radiation-in-ipv6)
I was wondering if any consensus is needed before starting such a big thing that involves IPv6 production networks as well.
I mean: when my route6 is not announced via BGP, it's supposed that every packet sent to it doesn't get anywhere, hopefully. OTOH, if during this experiment, for any reason (wanted or not), my prefix is no more announced, I'm afraid the /12 would attract (perhaps hijack?) those packets (actually breaking, I believe, any existent ROA for the prefix).
So, just asking: what kind of packets are going to be collected and how stored, analysed and by whom?
Thank you -- antonio
----- Original Message ----- From: Antonio Prado <aprado@topnet.it> To: ipv6-ops@lists.cluenet.de Cc: mkarir@merit.edu Sent: Fri, 19 Oct 2012 13:09:23 -0400 (EDT) Subject: route6: 2A00::/12
Hello,
just saw a new entry in RADB for 2A00::/12 and was wondering if could be a fat-finger issue as our IPv6 prefix (a /29) actually belongs to that /12.
route6: 2A00::/12 descr: MERIT Network Inc. 1000 Oakbrook Drive, Suite 200 Ann Arbor MI 48104, USA origin: AS237 mnt-by: MAINT-AS237 remarks: This announcement is part of an RIPE approved experiment. For additional information please send email to mkarir@merit.edu source: RADB changed: ljb@merit.edu 20121017
Anyone aware of this experiment?
Thank you -- antonio
Hi, Just to confirm: The RIPE NCC is aware of this and has authorised MERIT to use the address space for this purpose. You can find some more details on RIPE Labs: https://labs.ripe.net/Members/mirjam/ipv6-darknet-experiment The results will also be published on RIPE Labs. Kind regards, Mirjam Kuehne RIPE NCC On 21/10/12 6:17 PM, Manish Karir wrote:
Hi Antonio,
Here is some related material:
Internet Pollution Studies in IPv4:
- 1/8 Pollution NANOG Presentation: http://www.merit.edu/research/pdf/2010/karir_1slash8.pdf
- Follow on: NANOG Presentation: http://www.merit.edu/research/pdf/2011/Internet-Pollution-Part2.pdf
- IMC Paper on Internet Pollution: http://www.merit.edu/research/pdf/2010/imc10-wustrow.pdf
A recent workshop on the topic: http://www.caida.org/workshops/dust/1205/
Internet Pollution in IPv6:
- Geoff Hustons work on IPv6 darknets: http://www.caida.org/workshops/dust/1205/slides/dust1205_ghuston.pdf
- Details of APNICs experiment with announcing their IPv6 cover /12 route as well as analysis of results: http://www.caida.org/workshops/dust/1205/slides/dust1205_cdeccio.pdf
This particular effort is an attempt to replicate the work performed by Geoff Huston at APNIC for different regions in order to understand any regional variations that might exist. In general we collect all un-wanted traffic in the darknet of our experiment. Our general experiment architecture is shown here: http://software.merit.edu/darknet Results from our analysis are presented back into the Internet operations community along with any recommendations that might emerge. Data collected is shared with researchers at the RIRs for their own analysis.
Please let me know if you have additional questions.
Thanks. -manish
On Oct 21, 2012, at 6:21 AM, Antonio Prado wrote:
[cross-posted to ipv6-wg@ripe.net]
Il 20/10/12 21:58, Manish Karir ha scritto:
Hi Antonio,
Yes. Merit is in the process of running a large IPv6 darknet experiment. Our goal is to announce every allocated /12 (1 from each RIR) first sequentially and then together. We conducted a 1hr test announcement on wed and to the best of knowledge we did not break anything. These announcements will each last 1 week each starting Nov 1. Your more specific announcements in BGP should still get all your data correctly routed to you. However if you have noticed any strange behavior please let us know.
Thanks. -manish
Manish,
thanks for your kind reply.
Maybe I missed some announcement e-mail here. Is there any document to read about that "large IPv6 darknet experiment" you at Merit are going to run in accordance also with RIPE NCC? (I'm aware of what Geoff Juston made at APINIC in June 2010 with 2400::/12 https://labs.ripe.net/Members/mirjam/background-radiation-in-ipv6)
I was wondering if any consensus is needed before starting such a big thing that involves IPv6 production networks as well.
I mean: when my route6 is not announced via BGP, it's supposed that every packet sent to it doesn't get anywhere, hopefully. OTOH, if during this experiment, for any reason (wanted or not), my prefix is no more announced, I'm afraid the /12 would attract (perhaps hijack?) those packets (actually breaking, I believe, any existent ROA for the prefix).
So, just asking: what kind of packets are going to be collected and how stored, analysed and by whom?
Thank you -- antonio
----- Original Message ----- From: Antonio Prado <aprado@topnet.it> To: ipv6-ops@lists.cluenet.de Cc: mkarir@merit.edu Sent: Fri, 19 Oct 2012 13:09:23 -0400 (EDT) Subject: route6: 2A00::/12
Hello,
just saw a new entry in RADB for 2A00::/12 and was wondering if could be a fat-finger issue as our IPv6 prefix (a /29) actually belongs to that /12.
route6: 2A00::/12 descr: MERIT Network Inc. 1000 Oakbrook Drive, Suite 200 Ann Arbor MI 48104, USA origin: AS237 mnt-by: MAINT-AS237 remarks: This announcement is part of an RIPE approved experiment. For additional information please send email to mkarir@merit.edu source: RADB changed: ljb@merit.edu 20121017
Anyone aware of this experiment?
Thank you -- antonio
On 11/1/12 4:44 PM, Mirjam Kuehne wrote:
Hi,
Just to confirm: The RIPE NCC is aware of this and has authorised MERIT to use the address space for this purpose. You can find some more details on RIPE Labs:
https://labs.ripe.net/Members/mirjam/ipv6-darknet-experiment
Hi, on Merit website has appeared a comprehensive page, with Letters of authority as well: http://software.merit.edu/darknetv6/ Thanks -- antonio
On 10/21/12 12:21 PM, Antonio Prado wrote:
I mean: when my route6 is not announced via BGP, it's supposed that every packet sent to it doesn't get anywhere, hopefully.
Sure? In majority of cases it would go where default route is pointing :) Usually people accept default route at least from one upstream. You would be surprised, what percentage of IPv4 Internet (I suspect in IPv6 there is similar picture) runs on default routing - Randy did that experiment and can tell you the numbers ;) Cheers, Jan
Hi Jan, On 10/26/12 2:44 PM, Jan Zorz @ go6.si wrote:
Sure? In majority of cases it would go where default route is pointing :)
Anyway, it shouldn't :)
Usually people accept default route at least from one upstream. You would be surprised, what percentage of IPv4 Internet (I suspect in IPv6 there is similar picture) runs on default routing - Randy did that experiment and can tell you the numbers ;)
I remember those slides: unfortunately the percentage is high, but it's not how DFZ is supposed to be, v4 or v6. Back to the topic, I see that no one else cares for what traffic this experiment is going to attract, if it's just noise or legitimate packets. Thanks -- antonio
The way I understand how Internet works today, the "legitimate packets" would be either TCP SYN packets or DNS queries. What am I missing? Ivan
-----Original Message----- From: ipv6-wg-bounces@ripe.net [mailto:ipv6-wg-bounces@ripe.net] On Behalf Of Antonio Prado Sent: Tuesday, October 30, 2012 8:54 AM To: ipv6-wg@ripe.net Cc: Jan Zorz @ go6.si Subject: Re: [ipv6-wg] route6: 2A00::/12
Hi Jan,
On 10/26/12 2:44 PM, Jan Zorz @ go6.si wrote:
Sure? In majority of cases it would go where default route is pointing :)
Anyway, it shouldn't :)
Usually people accept default route at least from one upstream. You would be surprised, what percentage of IPv4 Internet (I suspect in IPv6 there is similar picture) runs on default routing - Randy did that experiment and can tell you the numbers ;)
I remember those slides: unfortunately the percentage is high, but it's not how DFZ is supposed to be, v4 or v6.
Back to the topic, I see that no one else cares for what traffic this experiment is going to attract, if it's just noise or legitimate packets.
Thanks -- antonio
On 10/30/12 1:44 PM, Ivan Pepelnjak wrote:
The way I understand how Internet works today, the "legitimate packets" would be either TCP SYN packets or DNS queries.
What am I missing?
Legitimate packets are all packets with clearly marked protocol version in the header and at least source and destination address and a remaining header structure that fits the specification :) Cheers, Jan
On 30. okt. 2012, at 15:19, Jan Zorz @ go6.si <jan@go6.si> wrote:
On 10/30/12 1:44 PM, Ivan Pepelnjak wrote:
The way I understand how Internet works today, the "legitimate packets" would be either TCP SYN packets or DNS queries.
What am I missing?
Legitimate packets are all packets with clearly marked protocol version in the header and at least source and destination address and a remaining header structure that fits the specific ation :)
Cheers, Jan
Hi Jan, I think Ivan was referring to the great majority of the "legitimate packets" nowadays, which would probably need only two bits for the destination port ;-)
Cheers, Matjaž
On 10/30/12 8:54 AM, Antonio Prado wrote:
Hi Jan,
On 10/26/12 2:44 PM, Jan Zorz @ go6.si wrote:
Sure? In majority of cases it would go where default route is pointing :)
Anyway, it shouldn't :)
In theory there is no difference between theory and reality. In reality, there is :)
Usually people accept default route at least from one upstream. You would be surprised, what percentage of IPv4 Internet (I suspect in IPv6 there is similar picture) runs on default routing - Randy did that experiment and can tell you the numbers ;)
I remember those slides: unfortunately the percentage is high, but it's not how DFZ is supposed to be, v4 or v6.
Supposed to be. Agree :) Any idea how to solve that "routing misbehavior"?
Back to the topic, I see that no one else cares for what traffic this experiment is going to attract, if it's just noise or legitimate packets.
I think this discussion was well in the topic as this issue can have considerable impact on the result of the experiment. Actually, this can drive the results in any direction. Cheers, Jan
participants (6)
-
Antonio Prado -
Ivan Pepelnjak -
Jan Zorz @ go6.si -
Manish Karir -
Matjaž Straus Istenič -
Mirjam Kuehne