|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: To CAIS Engineers - WAKE UP AND TAKE CARE OF YOUR CUSTOMERS
* Roeland Meyer <[email protected]> [20010513 13:45]: > > None of the DSL ISPs can do larger than /27 anymore, even when they're > ILECs. What does being an ILEC have to do with layer 3 routing? 'sides there are plenty of DSL ISPs that offer larger than a /27. Heck, I count some of them among my clients who consist primarily of smaller regional players. If you are looking for more major player examples that offer larger IP blocks: * MegaPath <URL:http://www.megapath.net/> (see Support -> IP Request Form) * PacBell/SBC <URL:http://public.pacbell.net/dedicated/dsl/dsl_business.html> How hard have you looked, Roeland? > Anything less than a /24 can't be SWIP'd and if you don't control > your in-addr.arpa entries you don't control your domain and have no > security. This is FUD. For example, look up "63.201.8.120". That sure looks like a /29 to me. Hell, that's even being done by an ILEC owned ISP. :-) In fact, ARIN (and other regional registries have similar policies) encourage SWIP reassignments for anything up to and including /29. An NSP who has to justify its requests for IP space (read: any) knows how much easier and quicker the process is made when they have everything SWIP'd already. <URL:ftp://ftp.arin.net/pub/swip/swipinstruction.txt> As to controlling your reverse delegation, if your IP block is less than a /24 how often do you _really_ need to change your reverse? If the answer is not often you are losing nothing by having your upstream handle it for you. If you still want control of it, convince your upstream to implement RFC2317 (if they haven't already): <URL:http://www.rfc-editor.org/rfc/rfc2317.txt> As to trusting reverse nameservice records for security, well, that's your choice not mine.. -jr ---- Josh Richards <[email protected]{ geekresearch.com, cubicle.net }> [JTR38/JR539-ARIN] Geek Research, LLC - San Luis Obispo, CA - <URL:http://www.geekresearch.com/> KG6CYK - IP/Unix/telecom/knowledge/coffee/security/crypto/business/geek
|