[no subject]

[Iljitsch van Beijnum <iljitsch@muada.com>]

Kurt Erik Lindqvist wrote:

> >> It's still a size we can handle.
>
> > 32 bits??? I don't think so...
>
> This again depends on the timeline. As there is also a cost involved I
> still don't believe that we will have a billion multihomed networks
> tomorrow.
Your argument here was that the number of available AS numbers would 
limit the number of multihomed networks to something we can handle. 
Since 32 bit ASNs can happen fairly easily (in fact I don't undestand 
what we're waiting for, the draft seems mature better do it now and 
keep some 16 bit numbers for new transit networks by giving 32 bit ones 
to leaf networks) the limit here is 4G which I don't believe is a size 
we can assume to be manageable in the forseeable future.

> > A much better way to do this would be to take the globally unique 
> site
> > local addresses for this.
>
> ...which breaks a lot of current applications.
??? I don't see how?

> > Try to reclaim them... That's very hard.
>
> > Nope. And this has been discussed in RIPE over the last year (to do
> > this more effectively ) and is already in place in APNIC I think.
> > Where do you get this? There are more than 25000 AS numbers out 
> there.
> > At some point, most of those networks will want to run IPv6.
Historically, this issue has been usually dealt with by increasing the 
number space rather than aggressively reclaim unused numbers. If APNIC 
thinks they can do this more power to them (hm, how many ASNs are there 
in the APNIC anyway? Maybe ARIN should do this) but I'm not holding my 
breath. And even if successful I don't believe this will make 16 bits 
last forever.

> Just look in Philip Smiths routing summary that are also in my slides
> from RIPE i Amsterdam and also posted by me here a while ago.
I was there, I saw them... Obviously I'm missing your point here, but I 
don't think it makes much of a difference as extrapolating current 
trends a few years isn't what we have to deal with here. Remember "we 
expect to sell one computer for each continent" and "640k should be 
enough for everyone"? These statements weren't really ridiculous at the 
time; they were simply based on present knowledge. We can predict 
future IPv6 deployment today no better than  Bill Gates could predict 
the future of PC deployment in 1983.

> >> Last, what worries me the most is the security considerations. A
> >> failure on filtering, or in routing configuration will make the 
> AS7777
> >> incident seem like trivial.
>
> > No.
>
> Uhm, why not?
You are supposed to use inbound filters to make GFN work. If you don't, 
you had better have routers with a LOT of memory, but if you don't, 
that's your problem and not anyone else's.

But I think I see a potential problem that may or may not have been 
your point. Eventually it will become impossible to create filters that 
specifically allow all "good" routes from peers because the number of 
routes simply becomes too large. In the security considerations I 
mention this for ingress packet filtering but not for ingress route 
filtering. If a peer then screws up it's hard to protect against this. 
But I think maximum prefix settings per peer will help here.

> > I'm sure many more people own or run a multihomed network in the
> > Swedish silicon valley than in a rural province of China, but the 
> gain
> > you get from allocating less for China is much smaller than the 
> hassle
> > of having to manually look at it and justify your decision.
>
> The problem is how you make sure you get enough addresses where they
> are needed, without having to reallocate space.
Simple: by allocating more than could ever be required. Hence the /26 
for Sweden.  :-)

> > Also, if you're going to physically move your
> > network renumbering is only a minor extra task in addition to
> > everything else that's going on.
>
> I was part of doing one of the largest network mergers ever. I am glad
> we didn't have to worry more about renumbering that what we already 
> had.
>
> You don't want to renumber as well as merge routing.
Some years ago we implemented a completely new network with a much 
better design for one of the large NL networks. However, we needed to 
switch customers one by one so the interior routing of the new and old 
networks had to be intimately intertwined so a certain customer address 
block could reside in either network. This turned out to be the biggest 
challenge of the entire project. I would have loved to give customers 
new address space for the transition.  :-)

> > In the US there isn't much local interconnection as not much traffic
> > stays local. In most other countries, much more traffic stays local
>
> Huh?
Local, as within cities or states. For instance, if two people in 
Boston communicate this will probably be routed through Virginia 
because there are no interconnects in Massachusetts (that I'm aware of).

> > So now we have examples with little local interconnection and
> > examples with little regional interconnection. I'm still waiting for
> > examples of significant internet use with no local OR regional
> > interconnection
>
> See Joes India/Nepal example.
I'm not sure this constitutes "significant" internet use.

> My problem is that I am not convinced address useage follow population
> patterns.

How can it not? Addresses = computers, computers = people. In IPv6 we 
have the luxury situation that we can allocate address space for all 
potential users. Potentially, everyone in the world can buy a computer 
and hook it up to two ISPs. Obviously not everyone actually does this, 
but the fact that the address allocation plan makes it possible is a 
good thing.

> >> Yes, but there are other alternatives to base this on as well.
>
> > Such as?
>
> Current useage?
As Michel explained: this will lead to results that are obviously not 
future-proof.

> > No to the IPv6 swamp!
>
> I will start to worry when we hit 1k routes in IPv6.
As engineers we are trained to worry in advance so that when our work 
is done others don't have to.

Iljitsch