On 26-May-2013, Manish Karir writes:
I wanted to follow up on the darknet /12 experiment that was discussed at the routing working group meeting.
Hi, This comment has more to do with the Darknet experiments in general, rather than anything specific to RIPE's participation in them. Briefly: Due to the presence of these /12 route announcements, packets with source IP addresses spoofed from within these /12's will no longer be blocked by any networks implementing loose-mode uRPF. Yes, strict BCP38 ingress packet filtering should be happening wherever it's possible to do it, so in an ideal world there would be no further reason for anyone to perform loose-mode uRPF. But in today's Internet, many providers do use loose-mode uRPF to lower the level of junk packets they have to contend with. I am not saying that this loose-mode uRPF argument outweighs the value obtained by having Merit observe the traffic destined into the otherwise dark portions of the /12s, but I do think this aspect of the experiments should be recognized and discussed. Thanks. Jay B.