North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but nottotally consecutive)
On May 16, 2008, at 2:15 PM, Robert D. Scott wrote: > OH, You mean like putting a sniper in a bunch of trees. They know that > tactic well. :) Yup -- http://www.youtube.com/watch?v=ltmMJntSfQI W > > > Robert D. Scott [email protected] > Senior Network Engineer 352-273-0113 Phone > CNS - Network Services 352-392-2061 CNS Receptionist > University of Florida 352-392-9440 FAX > Florida Lambda Rail 352-294-3571 FLR NOC > Gainesville, FL 32611 > > > -----Original Message----- > From: Dorn Hetzel [mailto:[email protected]] > Sent: Friday, May 16, 2008 1:59 PM > To: Jeroen Massar > Cc: NANOG list > Subject: Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but > nottotally consecutive) > > > Perhaps it is an attempt to make their address space so sparsely > populated > that it's close to impossible to find a host without knowing it's > address in > the first place? > > On Fri, May 16, 2008 at 1:09 PM, Jeroen Massar <[email protected]> > wrote: > >> Hi folks, >> >> As everybody is a big fan of securing their networks against foreign >> attacks, be aware that the US DoD has been assigned 14 /22's, IPv6 >> that >> is, not IPv4, they all come from a single IPv6 /13 though, which is >> what >> they apparently asked for in the beginning, at least that was the >> rumor, >> well they got what they wanted. >> >> I've recorded it into GRH as a single /13 though, as that is what >> it is, >> and I am not going to bother whois'ing and entering the 14 separate >> entries there, as that is useless, especially as they will most >> likely >> never appear in the global routing tables anyway. >> >> Depending on your love for the US, you might want to add special >> rules >> in your network to be able to easily detect Cyber Attacks and other >> such >> things towards that address space, to be able to better serve your >> country, may that be the US or any other country for that matter. >> >> I am of course wondering why ARIN gave 1 organization 14 separate / >> 22's, >> even though they are recorded exactly the same, just different >> prefixes >> and netnames and it is effectively one huge /13. They could easily >> have >> been recorded as that one /13, it is not like eg Canada (no other >> countries that fall under ARIN now is there) will get a couple of the >> chunks of remaining space in between there. By assigning them >> separate >> /22's, they effectively are stating that it is good to fragment the >> address space and by having them recorded in whois, also that >> announcing >> more specifics from that /13 is just fine. >> >> The other fun question is of course what a single organization has >> to do >> with (2^(48-13)=) 34.359.738.368, yes indeed, 34 billion /48's which >> cover 2.251.799.813.685.248 /64's which is a number that I can't even >> pronounce. According to Wikipedia the US only has a mere population >> of >> 304,080,000, that means that every US citizen can get a 1000+ /48's >> from >> their DoD, thus maybe every nuclear warhead and every bullet is >> getting >> their own /48 or something to be able to justify for that amount of >> address space. At least this gives the opportunity to hardcode that >> block out of hardware if you want to avoid it being ever used by the >> publicly known part of the US DoD. I wouldn't mind seeing the request >> form that can justify this amount of address space though, must be >> a lot >> of fun. >> >> Now back to your regular NANOG schedule.... >> >> Greets, >> Jeroen >> >> (who will hide himself in a nice Swiss nuclear bunker till the flames >> are all gone ;) >> >> 1) http://en.wikipedia.org/wiki/United_States >> which points to: http://www.census.gov/population/www/popclockus.html >> >> >> _______________________________________________ >> NANOG mailing list >> [email protected] >> http://mailman.nanog.org/mailman/listinfo/nanog >> > _______________________________________________ > NANOG mailing list > [email protected] > http://mailman.nanog.org/mailman/listinfo/nanog > > > > _______________________________________________ > NANOG mailing list > [email protected] > http://mailman.nanog.org/mailman/listinfo/nanog > -- Hope is not a strategy. -- Ben Treynor, Google _______________________________________________ NANOG mailing list [email protected] http://mailman.nanog.org/mailman/listinfo/nanog
|