North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but nottotally consecutive)

  • From: Robert D. Scott
  • Date: Fri May 16 14:17:29 2008

OH, You mean like putting a sniper in a bunch of trees. They know that
tactic well.  :)

Robert D. Scott                 [email protected]
Senior Network Engineer         352-273-0113 Phone
CNS - Network Services          352-392-2061 CNS Receptionist
University of Florida           352-392-9440 FAX
Florida Lambda Rail             352-294-3571 FLR NOC
Gainesville, FL  32611


-----Original Message-----
From: Dorn Hetzel [mailto:[email protected]] 
Sent: Friday, May 16, 2008 1:59 PM
To: Jeroen Massar
Cc: NANOG list
Subject: Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but
nottotally consecutive)


Perhaps it is an attempt to make their address space so sparsely populated
that it's close to impossible to find a host without knowing it's address in
the first place?

On Fri, May 16, 2008 at 1:09 PM, Jeroen Massar <[email protected]> wrote:

> Hi folks,
>
> As everybody is a big fan of securing their networks against foreign
> attacks, be aware that the US DoD has been assigned 14 /22's, IPv6 that
> is, not IPv4, they all come from a single IPv6 /13 though, which is what
> they apparently asked for in the beginning, at least that was the rumor,
> well they got what they wanted.
>
> I've recorded it into GRH as a single /13 though, as that is what it is,
> and I am not going to bother whois'ing and entering the 14 separate
> entries there, as that is useless, especially as they will most likely
> never appear in the global routing tables anyway.
>
> Depending on your love for the US, you might want to add special rules
> in your network to be able to easily detect Cyber Attacks and other such
> things towards that address space, to be able to better serve your
> country, may that be the US or any other country for that matter.
>
> I am of course wondering why ARIN gave 1 organization 14 separate /22's,
> even though they are recorded exactly the same, just different prefixes
> and netnames and it is effectively one huge /13. They could easily have
> been recorded as that one /13, it is not like eg Canada (no other
> countries that fall under ARIN now is there) will get a couple of the
> chunks of remaining space in between there. By assigning them separate
> /22's, they effectively are stating that it is good to fragment the
> address space and by having them recorded in whois, also that announcing
> more specifics from that /13 is just fine.
>
> The other fun question is of course what a single organization has to do
> with (2^(48-13)=) 34.359.738.368, yes indeed, 34 billion /48's which
> cover 2.251.799.813.685.248 /64's which is a number that I can't even
> pronounce. According to Wikipedia the US only has a mere population of
> 304,080,000, that means that every US citizen can get a 1000+ /48's from
> their DoD, thus maybe every nuclear warhead and every bullet is getting
> their own /48 or something to be able to justify for that amount of
> address space. At least this gives the opportunity to hardcode that
> block out of hardware if you want to avoid it being ever used by the
> publicly known part of the US DoD. I wouldn't mind seeing the request
> form that can justify this amount of address space though, must be a lot
> of fun.
>
> Now back to your regular NANOG schedule....
>
> Greets,
>     Jeroen
>
> (who will hide himself in a nice Swiss nuclear bunker till the flames
> are all gone ;)
>
> 1) http://en.wikipedia.org/wiki/United_States
>    which points to: http://www.census.gov/population/www/popclockus.html
>
>
> _______________________________________________
> NANOG mailing list
> [email protected]
> http://mailman.nanog.org/mailman/listinfo/nanog
>
_______________________________________________
NANOG mailing list
[email protected]
http://mailman.nanog.org/mailman/listinfo/nanog



_______________________________________________
NANOG mailing list
[email protected]
http://mailman.nanog.org/mailman/listinfo/nanog