Re: [v6ops] [GROW] Deaggregation by large organizations

[Owen DeLong <owen@delong.com>]

On Oct 16, 2014, at 07:59 , Gert Doering <gert@space.net> wrote:

> Hi,
> 
> On Thu, Oct 16, 2014 at 10:45:23AM -0400, Christopher Morrow wrote:
>>> A strong message to that extent would be good :-) - coupled with
>>> some recommendations how the conflicting goals ("I want all ISPs in
>>> my neighbourhood to use optimal routing" vs. "someone in Asia might
>>> not be interested in all in 5k routes for german municipality")
>>> could be solved.
>> 
>> ok, perhaps iljitsch can drop some text into a document so we can get
>> a good read going and decide whether or not GROW wants to spend cycles
>> on it?
> 
> That would be nice (as I see the problem but have no cycles to write
> something useful).
> 
>> The problem exists in v4 and v6 and likely will persist in whatever
>> comes next. It's directly related to routing operations work on the
>> global intertubes, so it SEEMS like GROW is the 'right place' to
>> discuss this... we can't go anywhere without text and a draft though.
> 
> It seems to be made worse by the fact that "this" can be done more
> easily with IPv6, as you just can't get enough v4 space to subdivide
> it into 5000 globally visible prefixes today - and those entities that
> discover the "must have reliability!  must have independence!" mantra
> *now* will hit the v6 space...  (given that I see this argument in this
> dimension more often from governmental structures who have been hiding
> behind single-IPv4-NAT so far).

ARIN still has some /12s available and so does AfriNIC, so that isn't
entirely true, but yes, mostly true if you discount the possibility of picking
up /12 or larger on the transfer market and deaggregating that (which
I am pretty sure is coming soon to a router near you).

> I *do* want a routing police, in the sense that "the operator community"
> agrees on what is considered "good" and "bad" behaviour, so end users
> can ask someone (me, Iljitsch, ...) what to do in their network planning,
> and we can tell them

I'd like a pony.

>  - if you do *this*, it's "guaranteed" to work
>  - if you do *that*, you can be sure that you will be filtered
> 
> while today, I have to tell them
> 
>  - well, today it is likely to work, but it might stop working tomorrow,
>    and there is no document that you could show around to those that
>    break your connectivity to show them that "you are doing the right thing"

We've had various attempts at this in the past. At one point, the document said
"RIRs will not issue PI prefixes in IPv6". That didn't meet the needs of the operator
community, so it changed.

Any such document will be subject to "This is what was correct as of the date of
publication. It may stop working tomorrow."

A better way to address this would be for more people to understand that the
concept that there is such a thing as "the internet" is a myth. In reality, "The internet"
is a collection of independently owned and operated networks with competing
and conflicting goals that happen to have (at least for the moment) agreed on
certain operational matters to a sufficient degree that traffic mostly is able to
get from any point A to nearly any point B as permitted by various intermediate
policies.

> ISPs develop their own guidelines on prefix-length filtering, some with
> better understanding on what they want to achieve, others by using 10 year
> old example documents for never-updated filters...
> 
> So, yes, guidance, please :-)

You do realize that any guidance provided in the document we create today
will meet the definition of "10 year old example documents for never-updated
filters" in about 10 years?

Owen

> have you enabled IPv6 on something today...?

Of course... Have you?