North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: /24s run amuck again
On Sat, 9 Jun 2001, Philip Smith wrote: > I was working on almost the same thing... :-) As from next Friday, my > routing report will include the top 20 ASes which are announcing > prefixes more specific than the registry minimum allocation (/20), > more specific than a /24 from 192/8 space, more specific than a /16 > from former B space, more specific than a /8 from former A space... I've always been suspicious of using registry allocation boundaries, there are too many legitimate ways to set it off. There are lots of reasons to have some diverse /22 announcements in your network for example. On the other hand, if you have 200 seperate /24s announced from the same /16, with the same aspath, and the origin owns the entire block, there is simply no reason for this. > 11371 307 Rhythms NetConnections > 3491 651 CAIS Internet DSL providers are becoming very bad about this. Someone pointed out to me off list that CAIS had carved up PSI's /8 into over 500 /24s. > 690 502 Merit Network Well at least we don't have to go too far to find the guilty party. :P > 18994 468 Global Crossing > 15870 436 Global Center Frankfurt > 18993 325 Global Crossing Those are the GlobalCenter datacenters being converted into the Exodus network. It looks like they are leaking a sizable number of /32s /30s etc, and since its GBLX space I'm assuming its stuff that used to be aggregated into a single announcement. > There is no attempt to measure aggregation - that's the job of the > CIDR Report. This simply looks at the prefix announced and if it is > outside the above limits, it is counted. Makes very interesting > reading... The one interesting pattern I noticed in the rampant /24 abuse was non- contiguous announcements. It's likely that this kept them off the CIDR Report and any other scans which only looked for contiguous announcements. For example: 1.2.3.0/24 1.2.5.0/24 1.2.7/0.24 -- Richard A Steenbergen <[email protected]> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
|